Is your website acting weird?
In today’s online business world, having a WordPress website is essential. You’re busy enough running your business, suddenly one day your website is acting like it has a mind of its own and you start wondering if you’ve been hacked. Chances are you have been and here are 3 signs that your website is hacked and how to avoid them.
A sudden increase in spam
You’re getting a lot of spam comments and spam emails from weird email addresses. These comments tend to show up in high numbers and no matter how many times you delete them, you keep getting more of them every day. That’s a good time to activate Akismet. I’ve also provided more tips on this episode 3 Tips to Fry the Comment SPAM on Your Wordpress Website.
Your website has users that you didn’t add
When you click on “User”, then “All Users” on your WordPress dashboard, you notice additional usernames that you did not add yourself. Worst, some of those users have an “Administrator” role. Remove those users immediately especially the ones with admin level permission. Consider installing a two-factor identification plugin like Clef Two-Factor Authentication.
Your website redirects to other websites
People are reporting to you that when they visit your website on a mobile device, it takes them to a shopping website, a phishing website or worst a porn site. You should get this cleaned up right away.
These are tech monsters that you absolutely do not want to deal with, they can be an entrepreneur’s nightmare, but the good news is that you can recover from them.
This type of backdoor hacking is a method that hackers use to bypass security so they can do whatever they want with your website. In order for them to continue to do so, they require a hiding place.Further clean-up steps will keep your website from being hacked and here are a few you can apply today.Click To Tweet
Delete themes that you’re not using
There are generic themes that come pre-install with the WordPress platform, they’re not that pretty so people rarely use them. They also keep them around and this is the ideal place for hackers to hide that allows them to survive any upgrades. Access your files via your web hosting dashboard and delete those themes.
Delete plugins that are not updated and plugins you’re not using
People rarely check their plugins and this is the favorite place for hackers code to survive. Some of those plugins are never updated and are poorly coded. Do a plugin inventory and check the last time they’ve been updated. More than 1 month, they have to go. If you’re not using a plugin, permanently delete the files. You can always re-install it when you need to use it.
Remove PHP files on your upload folder
Yep your upload folder in your media file, a place you would never think to check. You can access your upload folder using your web hosting dashboard. PHP files are the perfect backdoor exploit and they do not belong in your media folder. If you see such files, remove them immediately.
Protecting your website has more to do than just protecting you. You are also protecting your visitors. These are 3 actionable steps that will take you less than 15 minutes to complete. If you feel overwhelmed dealing with those tech monsters, stop by my Facebook group, Website & Social Media Lab, I am happy to answer your questions.