WordPress Hacked – Cleanup and Prevention
Well, most of you who have visited my blog since May 28 or so, realize that my WordPress blog had been hacked; something that all of us try to prevent.
Speaking from experience, I can tell you it is one of the most frustrating experiences of my life. Why?
Because all the right things were in place and someone still got in! The funny thing is my hosting company says I was not hacked. I say Bah! Humbug! But that’s another issue.
In the meantime, I’ve learned a little bit about cleaning up the mess if you’ve been WordPress hacked. I also found another issue with the site being hacked.
All traffic was stopped from coming to my site, including Googlebot! The search engines had stopped crawling my site! Google sent a message indicating something was wrong. Man, oh man, if I could ever find that invader I’d #@$@%!
I use SheerSeo to get a weekly report to show me where I am on Google based on my keywords. I’ve been ranking pretty high or on the first page of Google for certain keywords for 6 months to a year now.
Friday, I realized I didn’t get a report from SheerSeo so I manually checked and was ABSOLUTELY shocked that every keyword was in the red. In other words, I was no longer ranking for any keywords!
I threw another hissy fit because there is nothing I can do about the results and I have to start working for ranking all over again! Damn!
Here’s a small view of my account so you can see.
Here’s another view for my name as the keyword ‘Barbara Charles – See below – Drop from #2 position on Google to 50!
As I write this I’m just sick to my stomach. All that hard work! <sigh!> 🙁
So the reason for his post is two fold.
- A warning. If you think, it’ll never happen to you because you’ve got your site locked down tight – think again! It can happen to anyone! Do you hear me? Anyone!
- Give you some ways to check to see if you are under attack or were attacked or some preventive measures besides relying on your security or other plugins.
What To Do If You Think You’ve Been Hacked?
Besides the items I mentioned in my past article regarding fixing 404 errors with Webmaster Tools, try any of the following to see the status of your website.
- Go to Google’s Diagnostic tool at http://www.google.com/safebrowsing/diagnostic?site= Yes this is correct. Put the website that you want to diagnose right after the “=” sign. So for instance if I want to see the diagnostic for my site it would be http://www.google.com/safebrowsing/diagnostic?site=barbaracharles.org. Results would be displayed including the following:
- Last time Google analyzed the page, when it last had something malicious, and what type of malware Google encountered
- The listing status of the site in its current state. How often a site or parts of it were listed in the past.
- Has the site had malicious software in the past and has the site distributed any malicious software in the past.
Check out Sucuri.net, a site that does monitoring, alerting, removal of spyware and malware and provide preventive measures. You can also do an immediate FREE scan to see if there is anything on your site (this is not an affiliate site).
Sucuri Site Check Results
Another tool to use to see if there are any blocks on an IP address as there were with mine. When the hacker got in, he/she/it (yeah I’m still ticked off!), they blocked all IP addresses.
If I had checked this first, I would have known that the Googlebots were blocked, as well as, all the other IP addresses.
At first I didn’t understand why you would want to look up someone’s domain but what I learned is that you can check on blocked IP addresses! >:( >:-( >:^(
Results display all pertinent information for the URL including Name of Owner, Address, Hosting Company and other personal information. When you purchase your domain name you might want to make those things private if you don’t want people knowing about it.
4. Google Analytics and Webmaster Tools
Check your traffic in Google Analytics. Recently I wrote an article on How To Easily Fix 404 Errors Using Webmaster Tools.
In the exact same spot where you found the 404 errors, you will find listed the 403 errors and can use the same procedure/process to clean up all the bad data and get rid of those 403’s.
I’m working on that now. There were over 1000 of them <sheeeesh!> Clean up is taking a looonnnng time!
So the results of being hacked can be many. They can take your site down completely. They can steal your vital info especially credit cards info if you have a sales site. They can just ‘mess’ with your mind and all your hard work.
Put these tools in your blogging list of necessary items so you can see what’s going on with your blog. Many people use Google Analytics and it’s a great tool, but there is some backup that gives you additional information or if you want to check on someone else’s site.
For instance you can put in a site to see if that site has ever distributed malware and you can then avoid that site like the plague. I think we need these tools to help us know what is going on with our blogs!
So check out these cool tools. As much as I hate to say this, “Experience IS the Best Teacher!”
Have you every been hacked or know of someone who has? What did they do for preventative measures after the attack? How did they track status of their own as well as other’s sites?
It is so important to share this type of information. Help us all. Please share your experiences.