How to fix hacked WordPress websites and how to prevent your WordPress website getting hacked again!
WordPress is the most popular open source Content Management System (CMS) on the market today. It’s free cost, ease of use and millions of readily available plugins make it an irresistible choice for web developers and business small and large across the globe.
However, in our experience, WordPress is one of the most commonly hacked platforms out there, not due to a flaw in the coding but due to some basic vulnerabilities server side and during set up.
For wordpress to work it needs certain permissions to access folders, for uploads as an example, WordPress needs access to the uploads folder to place uploads there, however this folder has certain permissions which can be exploited and allow hackers a way in to your website.
One of the reasons for this is that WordPress uses default directories and URLS such as /wp-admin and /uploads that everyone knows about. Hackers can use automated software to scan your webhost and find these vulnerabilities and hack your website.
There is a very very very simple way of fixing this and it’s all down to a WordPress security plugin I recently stumbled across called Sucuri which you can download from here: https://sucuri.net/wordpress-security/wordpress-security-monitoring
What this WordPress security plugin very cleverly does is a number of things, the 3 most important I have highlighted below:
- Firstly it monitors your core wordpress files and keeps them safe, should they be modified or deleted, then a recoverable version is stored within the system
- Sucuri protects your core files by allowing you to “harden” your security settings – Remember those potentially vulnerable folder permissions mentioned earlier on in the article? – They can be protected at the click of a button!
- The final important element of Sucuri is the fact that it monitors your website in real time and email alerts you to failed login attempts, core file changes and basically anything shady!
This plugin has really changed the security we can offer our clients and it’s very easily installed, to download the plugin please visit: https://sucuri.net/wordpress-security/wordpress-security-monitoring