Wordpress - Malware / Phishing / hacked website, What to do ?

When your website has been hacked or been infected by events like phishing attack you will have to take certain preventive steps to make your website/server safer to avoid further more infectious activities. Change your password immediately and set a tougher one to get access back from the hacker. Contact your server admin and the developer to make changes or restore the earlier data.


If your websites are hacked or affected by malware,

  1. First Change your website admin password to a tough password. To know how to have a touch password.
  2. Check with support team to restore the backup, If your back up is also infected with virus or malware, You need to contact your web developer to fix the problem
  3. Once you restored from back up, Ensure to change your website admin password to a tough password. To know how to have a tough password, refer: http://forum.hostingraja.in/showthread.php?tid=80
  4. Install the security plugins as mention on this link: http://makeaweblog.com/configuring-wordfence-security/ or in this detailed guide: https://www.wordfence.com/wordfence-installation-guide.pdf
  5. Once installed scan your website for malware.

    To know more information about other problems, Read the links below.

    => http://www.digitalshangrila.com/web-design/wordpress/new-wordpress-malware-triggering-site-ahead-contains-malware-scan-site-fix/

    => https://support.google.com/webmasters/answer/168328?hl=en

    => http://www.unmaskparasites.com/malware-warning-guide/

  6. To know which files or how it got affected, you can use this link http://scanner.pcrisk.com/