When You’re Hacked in WordPress: Dealing With a Hacked WordPress Site

ne of the worst things that can happen to your website just happened: It’s been hacked. Somebody broke into your computer and got passwords, or your passwords were weak, or somebody exploited a security vulnerability caused by WordPress or your hosting provider, or something else happened that let a hacker hack your website…

What do we do now? It’s not the time to feel sorry for yourself, it’s time to take action and bring back your website. Let’s go!

It’s a good question, and it’s got more than one answer, but none of those answers is “because WordPress isn’t safe”.

Believe me when I say this: WordPress is one of the most secure platforms on the internet. You can’t expect 100% security from any system (even your brain isn’t 100% secure—scientists are now able to read or even overwrite thoughts on your brain!). So nobody can talk about total protection, but be sure that WordPress is a lot safer than regular platforms. Why? Because it has a huge developer community that can patch zero-day vulnerabilities on day zero. But, again, you shouldn’t even trust yourself when it comes to safety and security.

So, let’s answer the question: Why do WordPress websites get hacked? As I said, there is more than one answer:

Because of a security flaw on your server: You probably know that WordPress isn’t the only software that runs on your server to generate your web pages. Your server has an operating system which runs important software like PHP, MySQL, a hosting control panel like cPanel, and anything that’s necessary to allow software like WordPress to be run. Even the tiniest security flaw in this system can allow a hacker to bring down your website.

Because of a security flaw on your computer or mobile device: Remember the times when you could connect to a computer with Windows XP through a port and without any intervention, even evading those awful “firewalls”? It’s not as horrible as it’s used to be, but that doesn’t mean that your computer, smartphone or tablet is completely safe—again, nothing is 100% safe. More and more viruses and trojans come out every day, targeting iOS, Android, Windows, Linux, OS X and every other operating system. Not only operating systems, but also regular software can cause security problems as well. It doesn’t stop there either: You can even reveal your passwords to hackers through unencrypted Wi-Fi connections. Seriously, an evil mind has many options to get to your passwords.

Because of a security flaw on you: You know what I learned in over 15 years? You can take every single precaution on your systems, but if you don’t have common sense, you will fail on security. It seems the easiest, but it’s actually the hardest thing to do if you want better security: You have to be careful.