Daniel is a senior web apps engineer at SiteGround web hosting company. His years of experience in cleaning hacked websites and patching vulnerabilities that affect different applications like WordPress, Joomla, etc. have helped him work effectively on many of the security relates projects of the company. When he’s not busy in making the web a safer place, you can see him practicing extreme and not so secure sports while traveling the world.
“Danger: malware ahead!” and “This website may harm your computer” are the two sentences that I hate most and that I don’t want any of my clients to see when they open their website. If you have seen any of them on your own website, then I’ll bet you still remember your panic attack and how you struggled to get your website up and running ASAP.
Many great articles show how to prevent a website from being hacked. Unfortunately, unless you take it offline, your website is not and will never be completely unhackable. Don’t get me wrong, you still need to take preventive measures and regularly improve your website’s security; however, responding accordingly if your website does get hacked is equally important. In this article, we’ll provide a simple seven-step disaster-recovery plan for WordPress, which you can follow in case of an emergency. We’ll illustrate it with a real hack and specific commands that you can use when analyzing and cleaning the website.