Troubleshooting for WordPress website being hacked and redirected to other websites

Many enterprise websites do not have special security personnel and are not aware of website security. How can we solve the problem of website jumping to other websites after being hacked? Here, Daddy, let's share with you the basic troubleshooting methods for the website being hacked.

Our website is harassed by malicious crawlers almost every day, but it is not hacked, so you cannot detect it. If the website is hacked, don't panic. Follow the steps below to find out and solve it step by step.

Step 1: Ask the hosting service provider for help

For example, foreign traders use more SiteGround , or Bluehost. The package includes security items such as malware scanning.

You can directly send a work order to ask customer service for help.

If the service you purchased does not include this item, you will have to do your own troubleshooting.

Step 2: Check the server file

Log in to the server and check whether there are unknown files or folders in the directory of the website. Usually, files with disorderly names are very suspicious.

You can also judge by the file creation time. If you haven't uploaded a file to the server recently, the latest file is very suspicious.

The most reliable way is to find an experienced technician to help you analyze. If you can't find it, you can make a simple judgment by comparing it with the default directory list of WordPress (although you may not be able to determine which files are generated by normal plug-ins.)

The red box in the figure above is the WordPress core file.

The wp content folder contains some folders uploaded by the website, such as themes and plug-ins.

Wp-config.php is the website configuration file generated during website installation.

Step 3: Reinstall WordPress

You can first back up the website, and then reinstall Word Press.

Note that during reinstallation, other files except the uploaded image files should not be uploaded to the website server again.

Themes and plug-ins are downloaded from the official website and then uploaded to the website, so as to prevent plug-ins and themes from containing malicious code without your knowledge.

Step 4: Install a security plug-in

At this time, the trojan file usually no longer exists, but to avoid some malicious code hidden in your article, we can install some security software to help you solve it.

Related articles:

• WordPress security plug-in recommendation: Defender Security_malware scanning_firewall
• Protect WordPress Website Security_Wordence Firewall Professional Edition Download
• Six popular WordPress security plug-ins in 2021

After completing the above work, if your website is not particularly troublesome hacker intrusion, then the trojan files should have been removed.

Next, you need to do a good job of server security.

For example, setting a complex server password, upgrading server systems and components, upgrading website versions and plug-ins, etc.

For more information on WordPress security, please visit Corresponding topics 。