- [Download] AVG Internet Security 2013 Full Version for Free; Windows 8 compatible
- Nokia Lumia 900 up for pre-order now at AT&T [Specs, Price and release dates]
- Samsung Galaxy Note 2 ready to burn the floor; sports Super-AMOLED display and Exynos processor
- Blackberry Playbook – Specs and Features
- Samsung Galaxy Note 10.1 revealed at MWC
First of all, don’t panic too much, I can understand your WordPress blog is hacked or got compromised but if you will follow some simple steps you can recover it within minutes. I’m writing the post as my blog was recently defaced by a Pak hacker as part of the Cyber war between India and Pakistan. As, hackers continue to their job, we as admin need to secure and fix all vulnerabilities on our website.
When, Technogiantz was defaced I was feeling disgusted as I thought what bad I’ve done to them. But, as this is their part of interest we need to take adequate measures to patch all security loopholes from our sides.
Defacing means that someone with malicious intent put up his or her custom designed webpage in place of your blog or website pages. Usually, it’s done by replacing the index.html or index.php file from the server thereby redirecting every URL related to the blog to their defaced page.
Till now, yours anxiety level might be at it’s height so here we will outline the basic steps that you need to proceed with in order to get your website safe and secure. Also, these were the steps, I took to fix my website to bring it to the working state.
Recovering Hacked WordPress Blog
To begin with, first scan the website for any malware attack, you can do so by using this tool. From here, you can get the idea of the type of infection the blog is suffering from.
Step 1) The moment you realise that your web is compromised just Log-in to the cPanel and change the Username and Password manually. If you’re on WordPress you can navigate to,
phpMyAdmin – > Select your wordpress database – > Find Wp_Users from the list of directory – > On right side, select the user for whom you want to change the password – >Next, change the username and password from the respective fields.
Step 2) If you’re lucky enough, then you may get access to the Website’s admin panel i.e., www.example.com/wp-admin.
Step 3) Still if the problem persists, then contact your hosting provider for support on the issue. Most likely, they will set the website to last recent backup. Don’t worry nothing will be lost as most of the providers take automatic backup keeping the changes you made recently intact.
Step 4) At this point your website should be fixed but in case it still shows 500 internal server error you need to do some more stuff. Open, cPanel and click on the error logs option under the Logs section.
Step 5) Now, examine closely for the recent error which has occurred, see the time and type of error. In my case, the reason the webpage was not accessible was with the plugin called Dig Dig, so I deleted the plugin manually from the public_html folder which got the site running back.
Step 6) If still the problem is not solved, contact your hosting provider again for a possible solution. May be a fresh installation of wordpress can be the last option.
- Re-scan the website for confirming that your website has no more errors – Sitescanner
- Don’t just sit idle, install some effective wordpress security plugin like, Better WP Security or Bullet Proof security.
- Once, you recover the blog, do remember to change the theme as most of the backdoor vulnerability exists in the themes itself.
- Also, keep a track of your visitors for suspicious activity and label their IP address before they cause any harm to the blog.
More or less, this is the way I proceeded to recover my website. Don’t get tensed by the fact that your blog is hacked just think patiently and look for the reason where can a fault occur. In case, if you’ve more queries I would love to answer them.