Unfortunately, hackers love targeting WordPress websites.
They try to get in via your WordPress admin area.
The reality is, hackers already know two key elements about your login:
- where to log in (i.e. www.yourdomain.com/wp-admin)
- your username (admin)*
* Now, how did we know your username was ‘admin’? By default, it is the username assigned during the WordPress installation and setup process, and consequently billions of WordPress sites have the same username, admin. So all the hacker has to figure out is your password, and they are in.
Hackers use software that stores millions of common passwords and repeatedly tries to log in with them. They also use what are called brute-force methods, trying every possible combination.
The bad news is that a hacker may have already got in. We’ve heard of thousands of instances where a hacker gets in, has a snoop around, adds some backdoor files and leaves without anyone knowing.
Sometimes they are just looking for sensitive data like credit card information. Others come back weeks, sometimes months, later via the backdoor file they left earlier.
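As an added example (not part of the original article), here is the defender-side check for the password-guessing described above: it parses constructed Apache-style access-log lines and flags any IP that POSTs to wp-login.php repeatedly within a short window, and also records whether a redirect (a successful login) followed the run of failures. The log lines, IP addresses, threshold and window are all constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in Apache combined-log format (not captured from a real site).
SAMPLE_LOG = """\
198.51.100.2 - - [10/Oct/2023:13:50:12 +0000] "GET /wp-login.php HTTP/1.1" 200 2541 "-" "Mozilla/5.0"
198.51.100.2 - - [10/Oct/2023:13:50:30 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "python-requests/2.31"
203.0.113.7 - - [10/Oct/2023:13:55:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "python-requests/2.31"
203.0.113.7 - - [10/Oct/2023:13:55:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "python-requests/2.31"
203.0.113.7 - - [10/Oct/2023:13:55:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "python-requests/2.31"
203.0.113.7 - - [10/Oct/2023:13:55:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "python-requests/2.31"
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')

def parse_line(line):
    """Return (ip, timestamp, method, path, status) or None for an unparseable line."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group('ts'), '%d/%b/%Y:%H:%M:%S %z')
    return m.group('ip'), ts, m.group('method'), m.group('path').split('?')[0], int(m.group('status'))

def find_login_bruteforce(log_text, threshold=4, window=timedelta(minutes=5)):
    """Flag IPs with >= threshold failed wp-login.php POSTs inside `window`.
    A failed WordPress login returns 200 (the form is re-rendered with an error); a
    success returns a 302 redirect, so a 302 after a run of failures means a guess worked."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec[2] == 'POST' and rec[3].endswith('/wp-login.php'):
            events[rec[0]].append((rec[1], rec[4]))
    flagged = {}
    for ip, hits in events.items():
        hits.sort()
        recent = []  # timestamps of failures still inside the sliding window
        for ts, status in hits:
            recent = [t for t in recent if ts - t <= window]
            if status != 302:
                recent.append(ts)
            if len(recent) >= threshold:
                entry = flagged.setdefault(ip, {"failures": 0, "success_after_failures": False})
                entry["failures"] = max(entry["failures"], len(recent))
                if status == 302:
                    entry["success_after_failures"] = True
    return flagged
```

An IP with `success_after_failures` set is the case the article warns about: the guessing stopped because it succeeded, so that account's password needs changing and the site needs checking for backdoor files.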
OK, firstly: if your site has been hacked and all you see is ‘Hacked by Hacker’, then see Hacked by Hacker Fix for our 2 minute fix.
If your username is ‘admin’, then you need to change it, and change it NOW! Here’s how.
To rename your WordPress ‘admin’ user:
- Sign in as ‘admin’.
- Create a new user using the steps below.
- Choose a hard-to-guess username, but don’t make it so difficult that you’ll forget it.
- Make that user’s role “administrator”.
- Choose a password that has upper and lower-case letters and numbers in it. Symbols are OK too.
- Click “Add new user”.
- Sign out as ‘admin’.
- Sign in as the new user.
- Delete your old ‘admin’ user and assign all posts/pages/comments to your new admin user.
Congratulations, you now have a more secure WordPress website.
Finally, do you want to know if a hacker has been in without your knowledge? Do you want to secure your web site against attacks in the future?
Here are 3 steps you must take to find out and secure your website so it does not happen in future.
- Security plugins | free: WP Security Scan (websitedefender) is free and will scan your website for bad and weak files. In fact, if you search plugins for ‘websitedefender’, there are 3 free plugins that will go a long way towards securing your website.
- Security plugin | paid: WordFence is very, very good. Lots of advice, and regular email advising you of risks. It’s a small price to pay for peace of mind.
- TimThumb has been a vulnerability for a while now. It is often installed with graphics-related plugins and some themes, so you will want to know if it is installed and then how to secure it so you are not at risk. Search plugins (Add New) for TimThumb Vulnerability Scanner.
When I get emails from website owners who have been hacked, we start with an investigation before advising how to proceed. Every hack is different and by a different hacker. We look for things they have left behind. We find out their IP address and block it. We lock down the site to prevent future hacks.
Often, a WordPress web site can be unhacked and fixed in a few minutes (like Hacked by Hacker Fix). Unfortunately with other hacks, multiple files are affected and a full reinstall is required.
Either way, drop us a line and tell us your problem and we’ll work with you to fix it.
Source: Hacked WordPress | What Next?