Hacked WordPress Blogs and What to Do About It

Hacked Blog

I have many, many WordPress blogs. Before WordPress, I used several other blogging platforms.

Although I still use these other platforms, WordPress is my favorite. If I want to create a site, my brain defaults to WordPress.

This means that I’m NOT thrilled that WordPress has become a magnet for hackers. After going through several hacks, I thought I’d become blasé about it, but a hack still infuriates me.

Last night, when I noticed that the RSS feed to one of my blogs had vanished, I tried to access the blog. However, all that appeared was a “password” dialogue box. Oh geez, give me strength… ANOTHER expletive deleted HACK.

Normally it wouldn’t be a problem. However, my blog technician’s on vacation, so I had to find someone else.

I did, on fiver — all fixed.

You’d be amazed at what you can find on Fiverr.

I thought this was cute:


The problem with my WordPress blog turned out to be the Jetpack plugin, which contains many other plugins. One had a vulnerability, and some smarty took advantage of that.

What to do if your WordPress blog is hacked

If you’re anything like me, you’ll panic. Don’t do that, it’s not necessary. Your blog can be fixed, often it’s something very simple. My first option is always to get someone else to fix it, I’m a writer, not a technician.

You’ll find some solutions online. Do a Google search for whatever the problem seems to be.

For example, if suddenly your WordPress site comes up as someone else’s site (often a porn site) it can mean that your .htaccess file was hacked. TellingDad has a fix.

Once you’ve fixed the problem, Savvy Scot has some great advice for keeping your WordPress blog safe:

Firstly, I would recommend that you turn off the feature that users can automatically register in WordPress. This is something that I had turned off originally, but after updating WordPress, it must have reverted to allow this. Consequently, I had about 180 ‘subscribers’ register with bogus email addresses. I am sure that there is some sort of vulnerability in WordPress where this might allow users to gain access to a subdirectory of the WP-INCLUDES folder.

So, in summary, if you get hacked, try to relax; it will be OK. Your blog will be fine. Try to fix it yourself if you can, if you can’t there are people who can help.

Happy blogging… :-)

And I should add — if you need help with your blogging, you can contact me and tell me what you need. Or just contact me to chat, either on Twitter — @angee — or on Google+. If you dislike social media, send me an email message.

photo credit: drakegoodman via photopin cc

Author: Angela Booth

Copywriter Angela Booth's clients tell her she performs "word magic." Whether she's writing advertising materials, Web content, or ghostwriting for her clients, she's committed to helping them to achieve results, fast. Author of one of the first books about online business, Making The Internet Work For Your Business, Angela's written many business books which have been published by major publishers. She's an enthusiastic self-publisher and writing teacher.