Do you remember few weeks back their was a news all over that lots of
WordPress blogs has been hacked.Some WordPress blogs was completely hacked but
some are planted with backdoor scripts so the attacker can log in again on any
other date and some are infected by Trojan horse and the attacker is getting
the juicy information and the owner didn`t know about that.Blog owners usually
fall into panic that they have been hacked and now what to do.
Blog owners
when heard the name of hack, immediately
start to find bugs and loopholes in their WordPress blogs.WordPress is so
widespread that blog owners spend hours to find loopholes in their WordPress
and in the hosting server where the WordPress blog is hosted. There is no need
to worry we can get your blog back up and running quickly there are some
signals to know that you are hacked and some precautions to know for future so
you shall never hacked again.Cheak Your Wordpress Root
You first look for weird looking statements in your blog code the easy
method to do this to download your site and search for weird looking code like
above in your pc
eval(base64_decode(” Encripted code or irrelevant code goes here “);
Cheak Your Blog Home Page
Many of the bloggers don`t usually visit their homepage and they don`t know
that their blog has been redirected to a malicious site so you should visit
your homepage cuz redirection is from home page not from the post page or any
other static page.
Google View
Cheak your blog view at google that how your blog is seen at google SERP.
“site:Allbloggingtips.com”
This will tell you how google see your blog because some of the hack
attacks change your page title to Viagra
ad or some other recreational sites.
Search Keywords To Your Blog
You should check your keyword section for your blog that which are the
keywords that are bringing the visitors to your blog if they are the keywords
which are irrelevant to your blog e.g
Viagra , or some other which does not belongs to your blog niche then
this can give you a heads up
StrangeDatabase Tabels
Remember that your blog theme and blog plugins can make their own tables
too.So look for weird looking tables .I have studied a hack which can create
lots of tables full of malware and can
cause swear damage to your blog.
Look Your .htaccess File
The .htaccess file in your blog can be edited and a 301 redirect can be
created and it can be redirected to a malware site so if you are watching your
blog .htaccess from a client make sure that ftp client shows all the hidden
files a good .htaccess file looks like this
# BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress
If there is any difference in it so it can also give you a heads up.
Cheak Your Permalink
In these cases I have seen that a spam looking code can be seen after the
real post Url it could be seen like this
“%PostUrl%/%&({${eval(base64_decode($_SERVER[HTTP_EXECCODE]))}}|.+)&%/”
Some Quick Steps To Handel It All Fast
Remove unused themes and plugin
Remove all the plugins and themes which are not in use so your wordpress
should be clean sweep
Install New Scripts And Themes From The Same Source
Install new scripts ,plugins , themes from the same developer so there
could be no infected file left on the server.If you have edited your theme e.g
fotter or header so you have to do it again.
Change All Passwords
Change all your passwords including ftp client, hosting account and your wordpress
login and your adminlogin.php.
Update WordPress
Update your wordpress to a new and clean version from wordpress.org and
also install all of your plugins and theme new one from the same developer.
Watch Permissions On Your Site
You should barely watch permissions on your blog that the visitors are allowed to see the directory
or not that which host I am using which framework I am using.
Cheak Your Webhost
You should always choose a decent webhosting service for your blog there
are thousands of services that offer really great and cheap deals for wordpress blog but there security sucks a
lot in my suggestion Hostgator is best of all .Fast ,good customer support and
really the best security ever
Use strong Passwords
Always use strong passwords for your blog login, ftp client login cuz if
you use a low standard password it can be cracked easily .Use
uppercase,lowercase,underscores,dots and long passwords e.g
(“?/BLoGGing./,-heaven_”).This Could
majorly help you.
Protect Your Wp-config File
You should move your wp.config file above the wordpress files so it can
only be seen by you.
Security Plugins
The security plugins will not completely protect your blog but makes some
problems for the attacker to attack your blog but I recommend you to use them.
Hide Things
Hide your information from the normal visitors that which plugins are you
using which host are you using if you
are hosting multiple blogs on a single server make sure you keep their database
under separate usernames.Your visitor should not be able to view your
directory.
From The Author`s Desk > > >
I am sure you will really find this tips helpfull if you are using wordpress it is true that wordpress is lot more better from blogger in case of seo but in case of security their is no doubt it is google bcz you have to secure yourself on your own if you are using wordpress but on blogger all this fuss.. is handeld by Google itself.So let me know in comments what do you think about it
I was prity late this time to bring such kind of brilliant post for you cuz i have exams so i have to focus on them so happy blogging stay blessed and pray for my exams Peace