Do you remember few weeks back their was a news all over that lots of WordPress blogs has been hacked.Some WordPress blogs was completely hacked but some are planted with backdoor scripts so the attacker can log in again on any other date and some are infected by Trojan horse and the attacker is getting the juicy information and the owner didn`t know about that.Blog owners usually fall into panic that they have been hacked and now what to do.
Blog owners when  heard the name of hack, immediately start to find bugs and loopholes in their WordPress blogs.WordPress is so widespread that blog owners spend hours to find loopholes in their WordPress and in the hosting server where the WordPress blog is hosted. There is no need to worry we can get your blog back up and running quickly there are some signals to know that you are hacked and some precautions to know for future so you shall never hacked again.



Cheak Your Wordpress Root


You first look for weird looking statements in your blog code the easy method to do this to download your site and search for weird looking code like above in your pc

eval(base64_decode(” Encripted code or irrelevant code goes here “);

Cheak Your Blog Home Page


Many of the bloggers don`t usually visit their homepage and they don`t know that their blog has been redirected to a malicious site so you should visit your homepage cuz redirection is from home page not from the post page or any other static page.

Google View


Cheak your blog view at google that how your blog is seen  at google SERP.

“site:Allbloggingtips.com”

This will tell you how google see your blog because some of the hack attacks change your page title to  Viagra ad or some other recreational sites.

Search Keywords To Your Blog


You should check your keyword section for your blog that which are the keywords that are bringing the visitors to your blog if they are the keywords which are irrelevant to your blog e.g  Viagra , or some other which does not belongs to your blog niche then this can give you a heads up

StrangeDatabase Tabels


Remember that your blog theme and blog plugins can make their own tables too.So look for weird looking tables .I have studied a hack which can create lots of tables  full of malware and can cause swear damage to your blog. 

Look Your .htaccess File


The .htaccess file in your blog can be edited and a 301 redirect can be created and it can be redirected to a malware site so if you are watching your blog .htaccess from a client make sure that ftp client shows all the hidden files a good .htaccess file looks like this

 # BEGIN WordPress <IfModule mod_rewrite.c>  RewriteEngine On  RewriteBase /  RewriteCond %{REQUEST_FILENAME} !-f  RewriteCond %{REQUEST_FILENAME} !-d  RewriteRule . /index.php [L]  </IfModule>  # END WordPress

If there is any difference in it so it can also give you a heads up.

Cheak Your Permalink


In these cases I have seen that a spam looking code can be seen after the real post Url  it could be seen like this

“%PostUrl%/%&({${eval(base64_decode($_SERVER[HTTP_EXECCODE]))}}|.+)&%/”

Some Quick Steps To Handel It All Fast


Remove unused themes and plugin


Remove all the plugins and themes which are not in use so your wordpress should be clean sweep

Install New Scripts And Themes From The Same Source


Install new scripts ,plugins , themes from the same developer so there could be no infected file left on the server.If you have edited your theme e.g fotter or header so you have to do it again.

Change All Passwords


Change all your passwords including ftp client, hosting account and your wordpress login and  your adminlogin.php.

Update WordPress


Update your wordpress to a new and clean version from wordpress.org and also install all of your plugins and theme new one from the same developer.

Watch Permissions On Your Site


You should barely watch permissions on your blog that  the visitors are allowed to see the directory or not that which host I am using which framework I am using.

Cheak Your Webhost


You should always choose a decent webhosting service for your blog there are thousands of services that offer really great and cheap deals  for wordpress blog but there security sucks a lot in my suggestion Hostgator is best of all .Fast ,good customer support and really the best security ever

Use strong Passwords


Always use strong passwords for your blog login, ftp client login cuz if you use a low standard password it can be cracked easily .Use uppercase,lowercase,underscores,dots and long passwords e.g   
(“?/BLoGGing./,-heaven_”).This Could majorly help you.

Protect Your Wp-config File


You should move your wp.config file above the wordpress files so it can only be seen by you.

Security Plugins


The security plugins will not completely protect your blog but makes some problems for the attacker to attack your blog      but I recommend you to use them.

Hide Things


Hide your information from the normal visitors that which plugins are you using which host are you using if  you are hosting multiple blogs on a single server make sure you keep their database under separate usernames.Your visitor should not be able to view your directory.

From The Author`s Desk  > > >

I am sure you will really find this tips helpfull if you are using wordpress it is true that wordpress is lot more better from blogger in case of seo but in case of security their is no doubt it is google bcz you have to secure yourself on your own if you are using wordpress but on blogger all this fuss.. is handeld by Google itself.So let me know in comments what do you think about it
                     I was prity late this time to bring such kind of brilliant post for you cuz i have exams so i have to  focus on them  so happy blogging stay blessed and pray for my exams Peace
 
Top