What to Do When Your WordPress Website Disappears

Episode 2: Bob Confronts the Menace

Nothing is more frustrating than getting a call or email from a client telling you your website isn’t showing up, or discovering that your website is redirecting visitors to Russian mail order sites, or receiving a notice from your web host saying that your website is harvesting bank account logins and if you don’t fix it, they will shut you down.

You have no idea what any of this means, your clients think you’ve gone out of business, and you need to sort this out ASAP!

What Do You Do?

Well, we’re not going to drive or operate any heavy machinery, so grab a scotch, sit down, and take a deep breath. (I swear an alcoholic is not writing these blogs).


First, we need to pinpoint the source of the problem, which is likely to be a hacking or malware issue. All such issues stem from hacking, but some hacking also results in malware.

There are numerous ways your WordPress website can be compromised by hackers. Most of the time, it’s because your site utilizes code, plug-ins, or a theme that is running an outdated script. This allows a hacker access to your server and/or your site.

For the purpose of this blog, let’s concentrate on fixing general hacking and malware issues. We’ll start with some quick and painless steps that should be able to get you up and running and cootie-free ASAP.

The Cure

Step 1

Run all of your WordPress updates: core, plug-in, and theme updates. This step is vital. Most intrusions occur because website owners just don’t keep on top of their updates. It doesn’t matter how busy you are, you must always maintain the health of your website. Set yourself a calendar alarm and spend five minutes taking care of this on the first of each month — it’s the best prevention against web issues of any sort.

Step 2

Double check whether any of the plug-ins or themes you’re using were not updated in Step 1. From time to time, an update might not be available for any number of reasons. For example, perhaps your license to the theme or plug-in expired, or maybe that particular plug-in was retired and is no longer in use. If so, update your license or get help from your web developer to find a replacement plug-in.

NOTE: Never, ever stick with a theme that has not been updated by its developer in more than six months. Theme developers should update their themes regularly, as the WordPress platform itself is updated to newer versions. If a theme is not updated to keep up with the current version of WordPress, it will get significantly behind in its ability to include the security updates that are being made to the WordPress platform. And this puts your website at serious risk of hacking. It does take a bit of time or money to switch WordPress themes, but fixing your website after too much time has passed, or after it has been compromised, will always take longer and cost you much more.

Step 3

This one is not an easy step, so if you need help, reach out. If your web host has notified you that you have compromised files or phishing* on your website, ask them for a list of the files they’ve flagged, and use that list to delete all of those files from your web server. Some might be core WordPress files, so download a copy of the WordPress core and upload clean versions. They can be found at www.wordpress.org.

* Phishing is a scam whereby scammers — really, criminals — send out fraudulent emails pretending to be from a reputable business such as a bank or financial institution, to trick the recipient into revealing confidential information such as passwords or credit card numbers. Scammers will compromise insecure websites of any type to install scripts that run their phishing scams in the background. Usually the website owner has no idea that their website has been compromised.

Step 4

Run a file scanner like Sucuri, especially if your web host refuses to get you that list of compromised files we mentioned in Step 3. Sucuri can also help fix hacks and other malware that is harder to track down. 

Step 5

At this point your website should be back up. Delete all old backups of your website, since they may also be compromised, and create a new backup.

These five steps should take care of most cases of website hacking. If you need additional help, or if you’re stymied by Step 3, call in the big guns. That’s us 😉
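Step 3's comparison against a clean WordPress core, as an added example that is not part of the original post: it hashes every core file on the site and in a fresh download from www.wordpress.org, then lists files that were modified, are missing, or do not belong. It assumes the download is the same WordPress version as the site; the function names and sample trees are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

SKIP_DIRS = {"wp-content"}         # themes, plug-ins, uploads: not part of core
SITE_SPECIFIC = {"wp-config.php"}  # created at install, absent from the download


def index_tree(root):
    """Map relative path -> SHA-256 for every core file under root."""
    root, index = Path(root), {}
    for p in root.rglob("*"):
        rel = p.relative_to(root)
        if not p.is_file() or rel.parts[0] in SKIP_DIRS or rel.as_posix() in SITE_SPECIFIC:
            continue
        index[rel.as_posix()] = hashlib.sha256(p.read_bytes()).hexdigest()
    return index


def compare_core(site_root, clean_root):
    """Report core files that differ from, are missing from, or are extra to the clean copy."""
    site, clean = index_tree(site_root), index_tree(clean_root)
    return {
        "modified": sorted(f for f in clean if f in site and site[f] != clean[f]),
        "missing": sorted(f for f in clean if f not in site),
        "unexpected": sorted(f for f in site if f not in clean),
    }


def build_demo(base):
    """Constructed sample trees standing in for a live site and a clean download."""
    clean = {"index.php": "core", "wp-includes/load.php": "load", "wp-admin/admin.php": "admin"}
    site = {**clean, "wp-includes/load.php": "load + injected line",
            "wp-includes/cache-x.php": "not shipped with core",
            "wp-config.php": "site settings",
            "wp-content/themes/mytheme/style.css": "theme"}
    del site["wp-admin/admin.php"]
    for name, files in (("site", site), ("clean", clean)):
        for rel, body in files.items():
            p = Path(base) / name / rel
            p.parent.mkdir(parents=True, exist_ok=True)
            p.write_text(body)
    return Path(base) / "site", Path(base) / "clean"


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for kind, names in compare_core(*build_demo(tmp)).items():
            print(f"{kind}: {names}")
```

Site-specific top-level files such as .htaccess are not in the download, so they appear under `unexpected` and should be reviewed rather than deleted outright.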

Getting Inoculated

Now let’s talk prevention, or at least what you can do to minimize the likelihood of having your website hacked.

  1. Always run your updates. As suggested above, set an alarm, a reminder, or a Google calendar event. Do whatever you need to do to remind yourself to run your updates once a month, at a minimum.
  2. Install a plug-in like All in One Security. Plug-ins like this one monitor your site and attempt to block most intrusions, or at the very least notify you of possible issues and file changes.
  3. Choose a theme with a history of frequent updates. This usually means its developers are on top of security issues and prioritize keeping their theme current with the WordPress platform.
  4. Scan through all of the pages on your site from time to time for any content or images you didn’t add. Something may have been added as part of a hacking scheme, and security tools may not always flag changes to page content that might only be obvious to you.
  5. Avoid clowns with balloons. Remember there is never a need to follow anyone into a storm drain.

Stay safe. Avoid Derry. Don’t Float.

Raymond Mongroo