Oh crud. One morning you go to your beloved website to find that one of posts has text in it that includes words like ‘online cialis’. You know you are not selling it so how did an ad get there?You log into your account and remove the errant text from that post. Then you find another post and remove that text.
Odd! That post had different text that said ‘cialis 100′, so you remove that one too. Digging deeper you find another post and then another and another.With a sinking dread you increasingly realize that every post as at least one phrase that includes a url for cialis. If you are lucky, you only have 10 or so posts that you need to fix.
If you are unlucky, you have thousands of posts that include the hack. Now what?You contact support and tell them to remove the hacks from your sites. I can hear them laughing now! You get back some lame response saying that wordpress is very vulnerable to hacks.
They also imply that this is your fault because you use other plugins with added security holes. They may further suggest that you change all your passwords.After increasingly panicky and heated exchanges you come to the realization that support is not supporting you. You are on your own. They tell you to reinstall your wordpress blog with a current version and to import your backup posts.
Oh crud. You don’t have an unhacked export of your blog because you thought your site was safe or that the web hosting company had one.Now what?The real truth is that some web host companies are more prone to repeated attacks because of lax security. Even if you fix all of the current problems, there is a 50% chance that the hackers still have a way to get into your account to cause more grief with the same hack or even a new one.
Your best plan is to start fresh at another hosting company. Sure, it is a pain. But the hackers will come back, so your best solution is not to be there when they do.The first thing you need to do is get another web hosting account at a site that has real support. Ipage web hosting is a great affordable option. The account setup is automatic, quick and flawless. If you do run into a problem they will help you and actually take action, instead of just telling you what to do.
You don’t have time to make an exhaustive search. You need a more secure web host site now!After you have a new account setup, you will want to use their install script to install a current wordpress on that host site. Now you have to start the process of recreating your site with as much unhacked material as possible. If you bought or use a special theme you can upload it to your new site from your computer or the original source. You also need to get new copies of any plugins that you need.If you have a relatively current unhacked xml export from wordpress or a sqz from mysql then you should use that one in your new site.
However, if you do not have anything that would resemble your recent site, you have to make a choice. You can go back to your existing site and fix all of your posts, some of your posts or just start totally fresh. It is your decision to make.
So make it and move on.If you do not have a good backup you may have to get the hacked posts from your existing site. If you have thousands of posts, the wordpress blog xml export may be too big to import at the new site. Just to be safe, you should go to the cpanel and get a mysql database backup too.
Once you have done what you intend to do about the posts and have done as much as possible at the new site, it is time to change your dns record and get away from the old hacked web host. After a few hours it seems that the new site address has propagated sufficiently so that you can work on tidying up your new site.
Now that you are into your new site you can import your posts, install your plugins and make any other needed adjustments. Now it is time to try and prevent this from ever happening again. If you do not have one installed yet, you need a plugin that will backup your blog automatically. WP-DB-Backup is an easy and free plugin that can email you a backup every hour, twice a day, once a day or weekly.
Just pick the best option for you depending upon your site activity. Make sure you get the email and keep it on your local computer. If you do any theme or site tweaking, be sure you also keep a copy on your local computer.This is our do it yourself approach. If you have the time, you could also hire a freelancer to come and fix your site for you. You should also checkout other security plugins and safety features for your new site.
However, they are not as easy to understand or install. Your best, fastest, easiest and cheapest solution is to have a current site backup.If you are hacked, just start fresh again – it will be 100 percent easier.