Knowledgebase: Hosting
Wordpress/Joomla Account (Cleanup/Recovery) Guide
Posted by Gene  , Last modified by Gene   on 28 November 2018 10:23 AM

Due to the nature of (CMS) Open Source Content Management Systems like Wordpress and Joomla, although easy to use and customize they are very prompt to being hacked. Many users are usually not even aware they are using compromised themes and plugins when designing their CMS sites. Therefore causing their sites to be targeted. While our servers are properly hardened and secured, we will not have control over the security and software that customers upload or install on our servers.

Kindly refer below for the cleanup guide should your site be targeted and has been compromised.

 

  1. Clean out everything in the account (some files might have security issues)
  1. Install brand new latest version CMS (Wordpress/Joomla) in the account. 
  1. Set a different password (Control Panel/FTP/CMS/Database) and change it regularly.
  1. Scan your PC/Laptop for any infections.

 

These links can confirm that the site is truly hacked.

(Wordpress/Joomla)

https://sitecheck.sucuri.net/

http://www.unmaskparasites.com/

 

Backup the whole works database and files.

(Wordpress)

http://codex.wordpress.org/WordPress_Backups

http://codex.wordpress.org/Backing_Up_Your_Database

http://codex.wordpress.org/Restoring_Your_Database_From_Backup

(Joomla)

https://docs.joomla.org/Backup_Basics_for_a_Joomla!_Web_Site

https://phpmyadmin.readthedocs.org/en/latest/faq.html#how-can-i-backup-my-database-or-table

 

Give these a good read if you haven't already.

(Wordpress)

http://codex.wordpress.org/FAQ_My_site_was_hacked

http://wordpress.org/support/topic/268083#post-1065779

http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/

http://ottopress.com/2009/hacked-wordpress-backdoors/

(Joomla)

http://forum.joomla.org/viewtopic.php?f=621&t=582854

https://docs.joomla.org/Security_Checklist_7

 

When you've successfully deloused your installation consider protecting and hardening it by going through official vendor references below.

(Wordpress)

http://codex.wordpress.org/Hardening_WordPress

(Joomla)

https://docs.joomla.org/Category:Security_Checklist



There are some 3rd party hardening tools which could aid in simplifying the process. However please note 3rd party applications provided below are for references only and support should be requested from the respective 3rd party vendors. APC takes no responsibility arising from using these tools which could cause but not limited to lost of data, corrupted databases and other issues related to usage of said tools.

(Wordpress)

https://wordpress.org/plugins/wordfence/

https://wordpress.org/plugins/gotmls/

(Joomla)

http://extensions.joomla.org/extensions/extension/access-a-security/site-security/admin-tools

(32 vote(s))
Helpful
Not helpful

Copyright © APC Hosting Pte Ltd. All Rights Reserved.