A few days ago, a reader sent me this message via Facebook.
The screenshot she sent me was one she had taken in Google, and right underneath my website name was the sentence “This site may have been hacked”.
To be honest with you, the fact that I had received this message was freaky enough, but for it to coincide with Halloween? That sent chills all over my body.
I immediately gathered myself and my emotions and clicked on the “This site may have been hacked” link. This led to a Google information page which, to be truthful, was plenty confusing. Anyway, I read as much as I could understand and then headed over to my website to make sure things were okay.
Bottom line: while my website was rendering fine, hackers had injected malicious files into my website. Google had picked up on the malicious files and was telling people searching for my site in Google that I had been hacked.
My WordPress site got hacked! You work hard to create all this content and have a functional website, and people do this to you?
Here are the steps I took to start on the path to getting things rectified. I talk about it in detail in the video below but thought I would write them out as well.
What I Did To Get My Site Fixed
1. Once I found out my site contained malicious files, I followed Google’s instructions to do a site fetch. You do this by typing site:yourwebsite.com into the Google search bar like so:
Doing this will pull up all the pages that Google has indexed for your site. Make sure to go through all the pages to see if there are any pages on your website you never created.
Lo and behold, when I did the site fetch, 2 pages came up that I had never created on my site. Those 2 pages were the reason my site had been flagged as hacked.
2. I immediately got in touch with my hosting company and described my situation to them. I highly suggest that this is your next step. They scanned my site and found a total of 33 files that were malicious!
So now comes the question: how were these hackers able to alter files in my site without having my password?
Vulnerabilities in plugins and themes, especially ones that have not been updated.
My word of caution to you: if there are WordPress plugins or themes that are just sitting in your dashboard that you are not actively using, delete them or at the very least update them NOW. This is how the hackers were able to alter files on my site.
Don’t think that just because you have a complex password hackers won’t be able to get to your site.
3. Once you find the files on your website that have been infected, either remove them yourself (ONLY IF YOU KNOW WHAT YOU ARE DOING!) or have your hosting service take care of it for you. They may charge you a little extra but it is worth the health of your site and business.
4. Once I was done removing the malicious files, I got in touch with my hosting company to re-scan my site. They got back to me and said everything was fine now.
5. Once the malicious files have been cleaned up, go into Google Webmaster Tools (now Search Console) and ask them to re-examine your site so that the “This site has been hacked” message can be removed from search results.
According to Google, this process can take weeks so you may not see that message disappear immediately but if you have cleaned up your site, it will eventually be removed.
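For the file hunt in steps 2 and 3, the check below lists the places injected files usually show up on a WordPress install. It is an added example, not part of the original post or any hosting company's scanner, and it assumes the standard layout with `wp-content/uploads`, `wp-content/plugins` and `wp-content/themes` under the site root; the function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the original post): list files worth a closer look.
# Assumes the standard layout: <site root>/wp-content/{uploads,plugins,themes}.

# PHP files under uploads/: a media folder normally holds no executable code.
php_in_uploads() (
    find "$1/wp-content/uploads" -type f \
        \( -iname '*.php' -o -iname '*.phtml' -o -iname '*.php[0-9]' \) \
        2>/dev/null | sort
)

# PHP files changed in the last N days (default 7) anywhere under the site root.
recent_php_changes() (
    days="${2:-7}"
    find "$1" -type f -iname '*.php' -mtime "-$days" 2>/dev/null | sort
)

# Every installed plugin and theme directory, whether it is in use or not.
installed_extensions() (
    find "$1/wp-content/plugins" "$1/wp-content/themes" \
        -mindepth 1 -maxdepth 1 -type d 2>/dev/null | sort
)

# Print all three lists for one site root.
audit_site() (
    days="${2:-7}"
    echo "== PHP files inside uploads (unexpected) =="
    php_in_uploads "$1"
    echo "== PHP files modified in the last $days days =="
    recent_php_changes "$1" "$days"
    echo "== Installed plugins and themes (delete the ones you do not use) =="
    installed_extensions "$1"
)

# Usage: sh audit.sh /path/to/site [days]
if [ "$#" -gt 0 ]; then
    audit_site "$@"
fi
```

Anything it prints is a lead to review, not proof of infection: a plugin update you ran yesterday also shows up as recently changed PHP.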
Important Lessons Learned From This Experience
1. Always update your plugins, themes and your WordPress software as soon as a new version comes out. Make sure to read the fine print on each of these, especially plugins, to make sure there are no vulnerabilities that can be exploited by hackers. If you are not using the plugin or theme, delete it from your backend.
2. Having a strong password to your site is not sufficient to protect you. Nevertheless, make sure your password is a strong one. If you are still using “admin”, “username” or “wordpress” as your username or password, PLEASE change it right now.
3. I was already signed up for and had my site verified through Google Webmaster Tools. If you currently don’t have Google Webmaster Tools get your site verified through them TODAY.
4. Back your site up regularly. I would say every time you publish a new piece of content back it up. This way if hackers actually shut your site down, you will have the most up-to-date files of your website and you will be able to work together with your hosting company to get your site back up and running without missing any vital info.
5. Wordfence is a tool you might find useful in your endeavors to keep your site protected. It blocks hackers after they try to sign into your site a certain number of times.
6. Be watchful of your social media footprint. I don’t mean to be a conspiracy theorist, but hackers are adept at figuring out things about you from your social media profiles that they may be able to use to hack into a portion of your life, e.g. your e-mail. And once they are able to access that, everything is pretty much downhill from there.
Social media is wonderful, but be careful of over-sharing.
Wrapping it Up
Every profession has occupational hazards. Your site getting hacked is the ultimate occupational hazard for us as online entrepreneurs. Make sure you have all the things I have discussed with you and seek out other options that may be available to you through your hosting company.
You have worked hard. Don’t let hacking destroy what you’ve worked for.