Overview
If your website has been hacked, GreggHost suggests that you take three crucial steps.
If you’re not confident in your ability to repair your WordPress site on your own, GreggHost’s Hacked Sites Repair solution is available (a professional malware removal service). Experts from GreggHost will gain access to your account and make the required repairs to get you back online as soon as possible. For additional information, see the Terms of Service page.
In general, recovering from an exploit necessitates taking into account:
identifying the source
repairing the security flaw, deleting backdoors, and repairing the harm
The following is a step-by-step guide to removing any exploits from your account.
What is most vulnerable?
The following are some of the most vulnerable elements on your website:
Most attacks start with outdated web apps and their accompanying themes and plugins. It is easier to eliminate known security vulnerabilities by keeping all web programs, themes, and plugins up to date. If you’re not sure whether a web program you’re using has any security problems, you can look for alerts about known vulnerabilities here:
Details of the CVE
Web applications’ admin passwords may have been hacked sites, and rogue users may have been added without your knowledge. If you believe that your site has been hacked, GreggHost highly advises that you enter into your applications to audit for unknown added users and change any passwords for admin-privileged users.
Change the password for your website application.
If your WordPress site is set up to receive automatic updates, GreggHost will keep it up to date as new versions become available.
Who is responsible?
In a nutshell, you are. GreggHost may be able to help in some cases, but it is not compelled to do so. The following is stated in the Terms of Service, to which all clients must agree:
GreggHost Web Hosting is an Internet-connected information supplier. Through its Web Server, GreggHost Web Hosting provides storage and transfer services over the Internet.
This essentially means that GreggHost rents out its servers. While GreggHost manages the operating system and utilities on the servers, it does not handle customer software on those servers. The responsibility for software stored in a user’s account is specified plainly.
GreggHost offers the usage of servers and controls the operating system and utilities on those servers, but it does not handle customer software that the client installs on the server. The following section on material items explains the liability for software stored in a user’s account:
Material products
Customer will provide GreggHost Web Hosting with material and data that is “server-ready,” that is, in a format that does not require additional processing on GreggHost Web Hosting’s side. GreggHost Web Hosting will make no effort to verify the accuracy, completeness, or usability of this material.
The use of GreggHost Web Hosting’s service necessitates a basic understanding of Internet languages, protocols, and software. This level of understanding varies based on the Customer’s intended use and desired content for his or her Webspace.
The following are some examples:
Web publishing necessitates an understanding of HTML, as well as the ability to locate and link materials appropriately, as well as FTPing Webspace contents, images, text, sound, imagemapping, and so on.
CGI-Scripts: UNIX environment, TAR & GUNZIP commands, Perl, CShell scripts, permissions, and so forth are all required.
The Customer acknowledges that he or she possesses the skills required to construct Customer’s Webspace. Customer accepts that GreggHost Web Hosting is not responsible for providing this expertise or Customer Support outside of GreggHost Web Hosting’s defined service.
How to fix your hacked sites
For more information on how to recover from a hack, go to the following links.
After a hack, you’ll need to clean up your site.
Keeping potential hacks at bay
figuring out how you got hacked sites
Examining and viewing your access.
log in via SSH
Using SFTP to view your access and error log