Friday, 20 April 2012


Bloggers are working hard to create, manage and to run an effective blog that delivers the information to the audience but it is a nightmare if a blog has been hacked, since hacking on CMS system (wordpress, Joomla and drupal) is very common and there are many vulnerabilities are available on various CMS that an attacker might exploit. Let suppose you have worked hard to create a wonderful blog but the security of the blog was not good and your blog has been hacked so what do to do next, below are the some major general steps that are applicable on both wordpress and joomla and you really need to follow these:

Take Your Website Down 

Take your website down or simply make it inaccessible by the users because the attacker might have injected their malware or redirection code and they can easily redirect your visitor to the malicious website this ruin your reputation, since reputation the trust relation between you and your visitor is very important so do not forget to take the appropriate action to maintain the trust level. Kindly take the blog down and display the regular maintenance message.


Backup is very important and the backup management / strategy is an important topic of information security, although this copy of the blog has vulnerability and might be the malware code but still you need to backup because if something wrong will happen while the cleaning process then you would be able to restore your website in the current form, if you have made some previous backup when your blog was fine then it is good just restore them but you still need to follow the guild line below to ensure the maximum security.

Scan Your Computer

It might be possible that your computer has played an important role and it might be possible that your computer was a weapon of the hacker to hack into your blog, yes it is possible that the hacker has stolen the credential of your blog via your computer. So scan your computer for the possible backdoors, some backdoors has an ability to bypass the anti-virus and firewall so do manual check of your computer process, run a scan via anti-virus, anti-malware and do not forget to use firewall. It is always good if you have some keylogger detector software that can easily detect the possible keylogger.

Change the passwords

Change all of the credentials that are attached with your blog, your computer password, FTP password, SSH password, Cpanel password, database password and the wordpress / Joomla administrator password.

Find the possible malware

There are more chances that the attacker has injected their malicious code that can redirect and harm the user computer, so it’s time to scan your wordpress / joomla blog for this viruses, download the copy of your blog and scan it via your anti-virus software. The other way is manual checks, check the .htaccess file because .htaccess file is the target of the attackers to insert their code. Check the permission of all the files and folders.

Now if you sure that your blog is clean then upload it now other wise delete all the files from your web space (but backup before this) then install a fresh latest software of wordpress and joomla and then restore your blog (make sure the blog is clear from malware).

What do you think about it, do you have any other tips and do you have your story to recover a hacked blog then do not forget to share it with us via comment box.



  1. A very well post. I liked the post and have also bookmarked you. All the best for future endeavors
    cashew ice cream


Related Posts Plugin for WordPress, Blogger...

Yang Mana Pilihan Kalbu??