WP – I’ve been hacked. What do I do now?

The Exploit Scanner plugin can help detect damage so that it can be cleaned up. Other things you should do:

  • Change passwords for all users, especially Administrators and Editors.
  • If you upload files to your site via FTP, change your FTP password.
  • Clear FTP logs on your local machine, especially if you are using FileZilla on Windows
  • Re-install the latest version of WordPress.
  • Make sure all of your plugins and themes are up-to-date.
  • Check permissions of your files/folders in the install.
  • Check .htaccess file (Apache) for any additional rules added.
  • Update your security keys.
  • See FAQ My Site Was Hacked.
Advertisements

2 thoughts on “WP – I’ve been hacked. What do I do now?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s