How My WordPress Website Got Hacked and How I Recovered

My WordPress website was hacked, and it was super embarrassing.

Just when my recent blog post about why you shouldn’t download nulled versions of BackupBuddy was starting to rank well for various keywords and gaining some decent traffic, my site began to redirect to another website. I couldn’t log into my website at all. I wasn’t able to find much information about this particular hack to fix it especially since I couldn’t gain access to my site.

However, I still had access to my server, and because I had an awesome disaster and recovery plan I was able to return my website back to a running instance quickly.

Why did my Website get Hacked?

I have not figured out what exactly happened. It could have been a bad plugin, which is making me reconsider what plugins are really necessary. I’ve always felt that the plugins that I’ve chosen were solid, but time to weed out plugins whose features can be moved to a functions.php file or other implementation.

I had also moved to Austin, TX, and not updated my site as I normally had done. I’d say this was my biggest mistake. I should have found time to maintain my website. I knew this in the back of my mind, and I didn’t commit to it.

How I Recovered My Site

Typically, I wold have ran a BackupBuddy recovery using importbuddy.php. However, since my website and dashboard was redirecting to another website, I was unable to access my site from a browser. Therefore, that was out of the picture.

Since I still had access to my server, I was able to utilize Digital Ocean’s backups and recover my site from a version that was less than one week old. Given that I didn’t have any new publishes or changes made to the website, this was fine and worked.

What are the Plans for the Future?

Essentially, better maintenance and updating of the website and platform on a more regular and automated basis.

I’ve previously created Bash scripts that check the site’s core installation, theme, and plugins for any known CVE vulnerabilities, created a full site backup, then optimizes the database, and notifies my by email was updates are available. However, the CVE vulnerability check stopped working. Since I was busy moving, I never had a chance to see this gap. However, this has been corrected as of late.

I don’t believe in automatic updates as any update can cause problems and I like to test updates, especially core and theme updates, very carefully before I commit. So my future automation will take that into consideration.

How Do I Feel About This Now?

I’m okay about it. It’s embarrassing, but I’ve also realized that it’s okay. It happens. I had a plan to recover and executed it perfectly. This happens with WordPress websites, and it gives me a chance to recognize the gaps in my WordPress maintenance and re-commit to what’s necessary for my website.

The absolute worst thing about this is that I lost lots of momentum with some SEO traffic for my BackupBuddy article, but that’s the name of the game. I believe if I continue to work on creating a great website, I don’t have much to work about long-term and my rankings will return.