How I Recovered My Hacked WordPress Blog
Several bogglers suffered by hackers attack on their blog, and many of them loosed their years of work. My blog also recently hacked by Indonesian hackers.
Early morning when i opened my blog , I shocked my blog has been hacked, I am getting Flashy messages that your blog has been hacked by xo.hackers. I am not able to conclude what I have to do know.
My Blog Screenshot When it is hacked by hackers
So first I contacted Web hosting provider for their support, then I logged in to my c-panel account changed my password and then taken backup my wordpress SQL Database,after successfully downloading the database, deleted my wordpress SQL Database frpm C-panel.
After several hours of working my hosting support section removed hacker page from index page. But when try to login to wordpress admin section once again hackers page showed their existence. Once again I confused, where they implanted their script.
To find out hackers script,downloaded full backup of home directory from c-panel scanned thoroughly with Avast Antivirus and found several malicious scripts, uploaded by hackers and scripts are pointing towards adult sites, and trying to connect with adult video sites.
Mainly hackers modified
- htacess of cpanel
- Akismet plugin script
- Page.php of my WordPress theme along with several page scripts of wp-admin directory.
Succefully deleted those malicious script and uploaded original script. So Now my blog is free from hacker’s script. Then restored wordpress SQL database from backup. And also home directory. So I succefully recovered my blog in two days hard work.Those two days are night-mare and whole night i am not able to sleep.
So I had taken several preventive measures and security mechanism to prevent future attack from hackers.
- Along with strong password, also changed default admin username, by using plugin Change Admin Username.
- To keep track of my blog login attempts along with ip address, installed plugin Login Logger.
- Installed Login Lockdown Plugin to if more than certain number of login attempts detected in short period of time, then login function is disabled for that range
- Installed Admin SSL Plugin for secured login
- Changed login URL using stealth login plugin.
- Installed wp-security plugin to analyzing security status of wordpress blog.
Here I recommending several Popular Articles to Secure your WordPress Blog
Nagpur PHP Meetup – How to secure your WordPress Blog.
How to Stop Your WordPress Blog Getting Hacked
More From Tech-Chand
- How To Create Your Own Signature Online-My Live Signature
- How to Enable Sidebar in Windows 7
- Hide Drives In Windows With Hide My Disk
Tech-Chand Recommends
I enjoy reading the report, too. It?s easy to understand that a journey like this is the biggest event in ones
life.
good points,wp security is best plugin for security. you have taken such good ideas
Thanks Fareed for your feedback.
can u tell me which is better in invisible defender or user lockdown
You’re right, Chandrashekar! Indonesian are as*holes when getting to hacking stuff!