My WordPress Is Hacked. What Do I Do Now?

WordThe most important thing you can do right now is to remain calm. It’s frustrating to find out your WordPress website was hacked, we understand. That’s why we take care of everything. That’s what a good host supposed to do – right?

We Handle It

Unlike your typical host, we provide security by default. It’s not an addon, a premium for those who can afford it. Everyone gets it by default. You get preventative measures to stop hackers and a clean up service if you do get hacked.

In most cases, we’ll know about hacks before you do. Your website files are scanned daily for hacks and malware files. We have a growing 10,000,000+ database of malware signatures. We also check with Google’s blacklist (SafeBrowsing) to make sure your domain is not on it.

  • If we find something, we will open a ticket to notify you and begin clean up as soon as possible.
  • If you noticed your website is hacked (or you think it might be hacked), open a ticket with High priority immediately.
  • If you received notification from Google Search Console regarding security issue (ex: malware), open a ticket with High priority immediately. False positives are possible with Google.

Whatever the issue is, if you’re not sure about something, open a ticket. We’re happy to help.

We Have Your Back

In most cases, we clean up sites the same day. Sometimes we may need to recover an earlier backup if hackers deleted files.

Google’s blacklist (security warning in Search Console) is a different story. You’ll have to request review once everything is clean, and it may take anywhere between a few hours to several weeks to clear the warning. There’s no way to expedite that process.

Google Search Console security warning

If your search results are full of spam pages, we’ll assist you with setting up proper redirects and robots.txt file rules to help Google remove those pages from their index. Again, we’re on Google’s time. It can take anywhere between a few weeks to several months (or longer) for spam pages to be removed from search results.

Plugin Vulnerabilities

Typically, WordPress websites get hacked through a plugin vulnerability. That’s why we monitor multiple security news feeds for plugin vulnerability disclosures. Once vulnerability is disclosed we act accordingly.

Patched plugins are upgraded to eliminate vulnerability, and if there’s no fix we will disable plugin to prevent hackers from exploiting this vulnerability.

Note on GDPR: If your WordPress contains personal information of any EU data subjects, you must report data breaches to appropriate supervisory authorities within 72 hours (more info here). UK’s supervisory authority (ICO) has a data breach self-assessment to see if you need to report your breach or not. Take it.

Was this post helpful?

Still need help? Yes, I do!