You applied methods to protect your WooCommerce Site. And you installed SSL certificate, too. However, WordPress is an open source in and by itself, making WordPress be an enticing target for hackers. And nothing is impossible. There is nothing strange when you wake up on a beautiful morning and doubt that your site has been hacked. Calm down, we can show you steps to resolve it.
Hacked Website-How to Realize?
Here are several signs that help you know if your site has been hacked recently or not.
The interface sites have been changed.
Hackers changed the homepage or links to your site. When trying to connect to the site, you can see the lines that hackers have inserted to, “hacked by…”, “God Verify…”, Security is low” to name but a few. Or another word, the hackers completely took over your Website.
Your site is embed into other strange sites.
You absolutely don’t know that hackers get links from your site or insert the HTML code into your website address until you click on a strange link and it leads you to a strange page. This is a popular way in order that hackers take advantage of your site and get traffic to their sites.
You should frequently check out backlinks to detect strange ones. An online tool you can use is smallseotools.com. You only need to enter your domain and wait for the results.
You can also click the right mouse button on your web and choose View page source or use the shortcut “Ctrl-U” to check the website HTML to notice “suspicious” sources.
Your site automatically sends or post spam and illegal information.
This may be due to the spam link injection.
Website monitoring system notices that many files have been changed.
Because even the best alert system is not able to monitor your site 100% of the time.
How to Fix it?
Don’t worry, you also have a second chance to fix your site.
Step 1. Backup your site
Restore the backup data is the first thing to do when your website has been hacked. There are thousands of files in the open source. And how many files are inserted into malicious code? Maybe one, tens or even hundreds. The easiest solution is that you delete all the existing database. After that, you restore the backup data. And you apply all the security methods again. Therefore, backup data frequently is very important.
Even though your Site has been hacked, you should need to backup because there are many value information you want to recover later. Moreover, finding and recorrecting files take a lot of time so you should backup your data first and fix it later.
Step 2. Identifying the source of the hack.
There are many ways for you to identify the source of the hack.
The most meticulous way is to download the source code of the website and check out every single line of code. You can utilize the help of those tools that help you search keywords, fileseek for example. You only need to enter keywords such as base64_decode, gzinflate(base64_decode, eval(gzinflate(base64_decode, eval(base64_decode.
Moreover, you can use following online check-out tools:
Unmask Parasites helps you check out hidden links, code, and malicious spyware.
Scan my server provides a full of security tests such as HTTP header injection, PHP code injection, SQL injection, Source Disclosure, Cross site scripting and more. You can also receive a summary report with detail information about the vulnerability via email.
Web Inspector helps you define threads related to Trojans, Backdoors, Malware, Blacklist, Worms, Suspicious connections and Suspicious frames.
There are also many other free choices. They are free WordPress plugins to detect malicious code in your site. I recommend you some of the best plugins such as Theme Authenticity Checker, Exploit Scanner and so on.
If you want to use stronger tools, premium plugins such as Sucuri or 6 Scan Basic. They can automatically help you check the entire website source code and then remove the malicious code every hour or every day.
Step 3.Cleaning the site
After identifying the malicious codes, let’s remove them immediately.
Step 4. Monitoring after the removal process.
It is very dangerous when you didn’t delete malicious codes completely or your website, after removal process, contains flaws. Therefore, you should carefully control the operation of your website to see whether there is a malicious code injection again or not. If there is, what does it come from?; What files are penetrated and changed? WP Changes Tracker and WP Security Audit Log plugins can help you monitor changes in activities and source code from your site.
There are tons of reasons why your site is hacked. And the silliest but the popular reason that I listen all the day derives from installation nulled plugin or free available themes from untrusted Websites. “There is no such thing as a free lunch”. Agree on it or not, it is always true, man.
However, in the worst-case scenario, calm down and follow the steps as above.