Help! I’ve had a plugin hacked!

Having a plugin hacked on your website is a horrible thing to happen. Firstly there is the reputational damage – a hacked plugin can mean your website automatically redirects somewhere unpleasant, is covered with adverts for unsavoury things or simply isn’t there. The plugin hack can also lead to longer-term damage if search engines such as Google decide to blacklist your site. And apart from all that, there’s the hassle of getting it fixed.

But, let’s face it, you don’t need me to tell you that having a plugin hacked is a bad thing. What you really need to know is what to do if you’ve had a plugin hacked on your WordPress website.

What to do when you’ve had a plugin hacked

  1. Undertake a full anti-virus scan on your own computers and fix anything you find. It could be that the problem started on your machine and could easily happen again if you don’t fix it.
  2. Change the passwords you use to access WordPress and make sure they are secure and hard to crack.
  3. Alert your hosting provider because they may need to take steps themselves.
  4. Backup the hacked version of your website so you have access to information you might need as you move to one of the following two steps.
  5. If you make regular backups, restore the previous version. This is the easy solution, but does assume that you take regular backups (and if you don’t, you should…).
  6. If you don’t make regular backups, the options are much less palatable. You can either attempt to find and remove the hack or start from scratch…
  7. Once you’ve restored your website and it’s back up and running, change the password again.

If you don’t feel confident undertaking any or all of steps two to seven after you’ve had a plugin hacked, contact a WordPress development agency, who will be able to help. And if you want to minimise the damage caused by having a plugin hacked again in the future, ensure that your site and all its plugins are kept up-to-date. You can do this yourself or invest in a WordPress support package that gives you the reassurance you need.

Give your customers a better experience online - join our monthly newsletter

Each month we send out a newsletter tailored to your industry.