WordPress – Recommended Actions after Site is Attacked

This post will discuss about tools that site owners need to consider when they suspect that their sites affected by any virus, malware or attacked.

1.Rollback to the most recent backup
-Backup is important for a site. The more frequency you backup your site, the less data you lost.
-The fastest and safest actions for resume site in case you have a backup are:
+delete all the database
+delete all the source files
+resume the database and source files by the most recent backup

2.Scan for malware and suspected codes
-After you resume the site to the latest backup version, are you sure that it is clean, no malware, no suspected codes?
-You should first down your site to offline to check for security. You need to make sure there is no bad codes in site before resume it online
-Some of the commercial tools that you need to use to check for the site safety as: Sucuri or 6Scan Basic. By using one of these tools, your site is scanned for malware for an interval of times. When there are any malware found, Sucuri staffs will help you to remove.

3.Scan file .htaccess
-You need to check if the file .htaccess contains illegal iframe or redirect codes.

4.Check site on local
-If you can download and build the site to run on local host. You can use tools to scan the site as:
+In Windows, you can use the tool FileSeek to detect for malware
+In Linux, Linux Malware Detect is helpful to detect suspected code

5.Monitoring after Change
-After the site is fixed and resume to online. Is that ALL? No, actually, how can we sure that the site is 100% safe? We need to monitor the site closely
-There are two WordPress tools that can help us to do as: WP Changes Tracker or WP Security Audit Log

Add Comment