I was recently victim of a WordPress redirect hack on my blog. It has been a terrible and stressful few days that I hope none of you will ever experience. Like all negative events, you always learn something and always try to find the positive side in it. In this post, I’m going to tell you just about everything I learned and everything I definitely won’t do again.
It was a terrible few days where negativity flooded my thoughts and emotions. I thought I was going to throw away everything I had worked on for years. Sure, it was a hobby, but one that required a lot of effort, dedication, time and money. The world was collapsing in my face just thinking that I would have to start all over again. Fortunately, I overcame this moment and went back to normal (also because otherwise you wouldn’t be reading this post hahah ).
Table of Contents
WHAT IS A WORDPRESS REDIRECT HACK?
WordPress has been hacked and is infected with a malware which sends visitors to a spammy or phishing sites.
Attacker exploits vulnerabilities present in your wordpress site via a backdoor or malicious scripts which are hidden in source code. In some case, it also throws a 404 error for your wp-admin area.
This could be due to an infected wordpress plugin, malware injected .header.php and footer.php or .htaccess.
( Source )
What problems does it involve?
Unfortunately, being attacked by a WordPress redirect hack is not just a temporary stress but leads to a series of long-term and some even permanent issues. In this section I will list all the negative aspects of this hack.
The main reason hackers do this kind of attack is because they make money from your website.
Almost everything’s reason for mean attacks are MONEY.
–Loss of SEO.
As far as the actual damage to bloggers is concerned, the first most important one is the loss of SEO. Rest assured that Google will penalize your site and it will probably go straight on Google’s black list. Sometimes it might even display the words “this site may have been hacked”.
At the moment, in fact, the views on my site have dramatically dropped and are struggling to rise again despite the fact that a couple of weeks have passed. Unfortunately, much of what I have been working for has kind of fallen apart and I am very upset about that.
–Loss in Trust
Your brand will lose out as customers or brands interested in collaborating will lose their trust in you.
–Money Loss.
You will lose money revenue Loss if your website uses an e-commerce to sell products this hack could lead to a huge loss of money.
These are just some of the problems I have experienced and know about, but if you know of any others please let me know in the comments!
HOW TO DETECT A WORDPRESS REDIRECT HACK!
You can tell you are the victim of a WordPress redirect hack if when you try to reach your website (usually through search engines) you are redirected to other spam sites.
I tried to solve the problem as soon as possible because at the beginning the redirects were driven to sites such as trading on line or similar, but I knew that sooner or later they would move to pornographic sites.
READ MORE: How To Plan Your Blogging Week To Avoid Procrastination
HOW HACKERS WORK!
Their moves are simple:
-Adding theirself as ghost administrator on your website.
-Injecting or uploading malicious code to your WordPress site
-Executing .php code
HOW TO FIX A WORDPRESS REDIRECT HACK
So, let’s say that the solution was not quick and intuitive as I thought it would be. In the beginning, I tried to solve the issue with my own strength and skills. I read a lot of blogs from colleagues who had the same experience as me and from bloggers who do this for a living. I followed tutorials on YouTube, all of them very useful and detailed, but they were not for me. Let me explain, we can also receive the same hacker attack but it will not happen for everyone in the same way, it depends on the hacker and his skill. In my case, I received a WordPress redirect hack. This means that every time you were trying to reach my blog my site was redirected to spam sites.
The first step to take to get your site back to normal is to identify the malicious code in the html of the blog or site.
Usually this code can be found in the footer or header, but as I said before, not all hackers act in the same way.
Also, ask yourself whether you have recently installed any new plug-ins, as the malware could be hiding there.
If, on the other hand, your computer skills are not at their best (as in my case), rely on professionals as I have done in order not to make things even worse.
I think they are the best in this field. And I only want the best for my blog.
If, on the other hand, you like to act on your own because you are passionate about it or simply understand it, I suggest you to consult this page because it is very detailed and will certainly help you.
WHAT TO DO AS SOON AFTER
ABSOLUTELY install an antivirus plug-in on your blog. I opted for Site Lock which has very good reviews and is also discounted if you buy it through your site host. Mine is Blue Host.
The second thing to do is to always update WordPress and its plug-ins.
I hope this post will help you but at the same time I hope you will not run into this kind of problem.
If you unfortunately know what I’m talking about, let me know your experiences in the comments below.
