WordPress Hack Recovery Checklist
Recovering From a Hack
If your WordPress site has ever been hacked, you might need a checklist to cover everything. Here is a quick one that we have used to help a few site owners in need:
- Download new WP and upload to New Directory on the server. This starts you with a clean slate.
- Check to see if you have local copies of the theme folder. Use those old, uncorrupted files for the new installation.
- If you do not have local copies of the theme files, then you need to transfer over the potentially hacked theme files and upload files only.
- First, download and check all theme files for the hack. Usually the hack is added code to the header and footers of common files.
- Search for any javascript code of base64 encodes, as that is the hack of choice lately.
- Remove any unnecessary files that you are unsure of their purpose.
- Move over themes files to the new install once cleaned.
- Check your WP users for any unauthorized WP users and delete them.
- Change all WP user passwords.
- Check your database for any odd/new data.
- Reset FTP Passwords for all users.
- Remove any Shell Access in the control panel if not needed
- Reset Hosting Control Password
- Reset Database Password for WP
- Update new wp-config.php file to your new settings.
- Salt the wp-config.php file.
- Swap the installs, by moving the old WP to a sub-directory and the new installation to the old location. This makes the new site live.
- Test the site to make sure the theme works, the hack is gone, that plugins work and all uploads work.
- Delete old WP installation once you pass all tests.
- Reset CHMOD Permissions to all transferred files. The new WP install should have all the correct permissions, but any transferred files might be corrupted and have 777 access or other odd access permissions.
- Install Security Plugins such as WP Lockdown, WP Security Admin Tools
- Change the default user from admin to something else.
- Change the WP database table names, if possible.
If you have any other tips, feel free to let us know.
Move over themes files to the new install once cleaned.
About Us
Did you know more than 200 clients have worked with PaperStreet for more than 10 years?
Get a Free Website
Analysis and Consultation
Marketing Services
Join the Sales and Marketing News, receive our last insights, tips and best practices.
Our 7 Guarantees
Keeping 2,000+ Clients Happy Since 2001.
1
You Will Love Your Design
We design to please you and your clients
2
Same-Day Support
24-hour turnaround edits during business hours
3
Free Education
We provide knowledge to help you expand
4
No Hidden Charges
We quote flat-rate projects
5
Own Your Site
No strings attached
6
We Create Results
SEO, PPC, content + design = clients
7
We Make Life Easier
One agency for web, branding and marketing