Back

Hacked website aftercare

24 February 2021

kayleigh

Logging on to find out your website has been hacked can be a distressing time, to say the least. As part of the service on our WordPress Hosting package, we at 34SP.com offer a hacked site cleaning service to help you to get back on your feet. The process is outlined here.

Our hack cleanup process usually results in the restoration of custom posts, pages and users. We also remove and re-install your plugins from fresh versions available at the WordPress repository.

In most cases, this will put you back in a position where you are back on your feet after reconfiguring your plugins.

In some cases, however, there might be some tasks that need to be completed by the user after a hack occurs. Here are some example scenarios and what you can do to action them after your cleanup is done.

1. The theme could not be restored

Our hack cleanup process will re-install your theme if it is available from the WordPress repository as a new version. But in some cases you could be using a premium theme from a developer’s website, or have your own custom theme coded specially for your website.

These are cases where we do not have access to the original, secure files of the theme. Our hack cleanup process in this case would put you on the default theme for WordPress.

In this case it would be up to you to re-install your theme. You can do this by either logging into your account with your premium theme provider and downloading the files, or if you have a custom theme your developer could possibly provide you with the original files.

Insecure theme code is one of the most common reasons we see hacked websites, so it’s important that we install the theme from a clean and up to date copy. In very rare cases we can restore a theme from our own backup system, but we strongly advise against it.

2. Missing plugins

Similarly to themes, we will re-install your plugins from fresh versions available in the repository. In a lot of cases, this will not include premium plugins; those will likely need re-installing from their respective websites.

Some plugins require keys and licence codes to work properly and depending on how they are stored within WordPress you may also need to re-locate and input those codes.

There are also some cases where plugins are bundled in with premium themes, so if that’s the case you would need to re-download them from your theme provider’s website.

3. Remaining spam posts and pages

Our hack cleanup process will restore your posts and pages, it is very rare harmful code is inserted into posts so we export them to an XML file, and import them to the clean site.

Occasionally some hacked sites will find their posts or pages have a lot of new spam posts. These posts are usually harmless, but annoying when mixed in with your genuine content.

We do not delete spam posts, because in a lot of cases the posts will be designed to mimic genuine content from the website, so we can’t always tell which posts are spam and which are not.

In this case you would need to login and delete the spam posts yourself. We can assist in cases where there are clear patterns in the spam posts to help us easily delete them without accidentally touching real content, but in most cases the deletion of spam posts is better handled by yourself, as nobody knows your website better than you!

4. Spam comments

Spam comments are handled similarly to spam posts, we do not delete them as part of the hack cleanup process, as it would be easy to accidentally remove genuine comments if we did.

We can however mass delete comments marked as ‘spam’ or ‘Unapproved’ – so in most cases we would ask you to approve the comments you want to keep, and then ask us to delete the pending comment queue after you have checked through. we would not delete anything in the comments without your instruction.


The hack cleanup process we use is thorough, strict and standard across our managed hosting, so in some cases you might prefer to have your own developer take a look who can tailor a cleanup more towards your own site’s needs. In those cases we are happy to assist with malware scans before and after, and offer advice during.

If you ever need our hack cleanup service we will always try to get you back on your feet as much as we can within the scope of what we have access to. You can always follow up with our support team if there are uncertainties or issues after a hack cleanup.

kayleigh

Kayleigh is a member of our Customer Experience team here at 34SP.com. You’ll often find Kayleigh socialising at tech meetups throughout the UK. When she’s not learning about WordPress, Kayleigh loves to travel and is passionate about the WordPress community.