September 21st

Weekend Wordpress Security Tip: What To Do When Your Blog Is H4CK3D

Filed under Security.

(H4CK3D is the popular term for “Hacked”: the numbers stand in for letters, with 4 being an A and 3 being an E.)

So, everyone will have this happen to them at some point; it’s just a matter of when, and whether you will be prepared for it. Since WordPress is open-source (meaning it is free for anyone to use and modify as they wish), people who have little to do, have few friends and go to few or no parties or social events will sit at home and try to find ways to exploit the community-generated code.

What does this mean for you? A living hell (if not prepared, of course) once they decide that your blog would be fun to ruin.

The Fix:

For hackers, there is none. Plugins will slow them down, but they won’t eradicate them.

Protecting your blog from an attack is really quite simple. Follow these steps to completely back up (save) everything you have on your blog hosting account:

  1. Log in via FTP to your blog directory. (I recommend FileZilla. I use it for everything.)
  2. Click and drag the directory that contains all of your WordPress files to your desktop or preferred storage space - you can move it later. (This will take roughly 15 minutes if you have plugins, themes and the entire WordPress install.)
  3. Once complete, you now have one half of a working copy of your blog - we aren’t done.
  4. Log in to your cPanel account (I don’t think any web host will give you a web-hosting account without it).
  5. Find “phpMyAdmin” under MySQL Databases and click on it.
  6. You will now have a screen asking you to log in to your MySQL database. This login is not the same as your WordPress blog’s, and will likely require you to search your emails/desk for the username and password.
  7. Once you’ve logged in, click the dropdown box on the left and find the database that hosts your WordPress blog. The correct one may not be obvious from the name of the database, so I’ve installed a brand new WordPress on my local computer to tell you that it has 10 tables in it (I also wanted to do something else that is WordPress related.. testing, you could say).
  8. When the correct database is found, simply click on it and then click on the tab called “Export”.
  9. Make sure the following settings are checked/unchecked (taken from wordpress.org):
    1. Look at the left box at the top of the Export section. All the tables in the database you selected are in that box.
      • If you have other programs that use the database, then choose only those tables that correspond to your WordPress install. They will be the ones that start with “wp_” or whatever ‘table_prefix’ you specified in your ‘wp-config.php’ file.
      • If you only have your WordPress blog installed, leave it as is (or click ‘Select All’ if you changed the selection).
      • Ensure that SQL is checked!
    2. The SQL section
      • ‘Structure’
      • ‘Add DROP TABLE’
      • ‘Add AUTO_INCREMENT’ and
      • ‘Enclose table and field names with backquotes’
    3. The DATA section
    4. Tick the ‘Save as file’ option, and leave the template name as is.
    5. Now click ‘Go’ and you should be prompted for a file to download. Save the file to your computer. Depending on the database size, this may take a few moments.

You’ll now get a download prompt with your entire wordpress blog content and settings in one .SQL file.
Now you have the other half of your blog backed up onto your computer - making it a full backup.
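
A check to run on the finished backup, added here as an example (not code from the original post): it reads `table_prefix` from wp-config.php and confirms that the exported .sql file contains every core table, with the DROP TABLE statements from step 9, and flags tables that belong to other programs. The core table names, the function names and the sample data are assumptions of this example.

```python
import re

# The ten core tables of a fresh WordPress install of this post's era (the post
# gives only the count; the names are this example's assumption).
CORE_TABLES = ("comments", "links", "options", "postmeta", "posts", "terms",
               "term_relationships", "term_taxonomy", "usermeta", "users")

def table_prefix(wp_config_text):
    """Read $table_prefix from wp-config.php text; WordPress defaults to wp_."""
    m = re.search(r"^\s*\$table_prefix\s*=\s*['\"]([^'\"]*)['\"]",
                  wp_config_text, re.M)
    return m.group(1) if m else "wp_"

def check_dump(sql_text, prefix):
    """Compare a phpMyAdmin SQL export with the export settings from step 9."""
    def names(stmt):  # table names of statements that start a line
        return set(re.findall(r"^%s `([^`]+)`" % stmt, sql_text, re.M))
    created = names(r"CREATE TABLE(?: IF NOT EXISTS)?")
    dropped = names(r"DROP TABLE IF EXISTS")
    filled = names(r"INSERT INTO")
    wanted = {prefix + t for t in CORE_TABLES}
    return {
        "missing": sorted(wanted - created),   # core table not in the export
        "no_drop": sorted(created - dropped),  # 'Add DROP TABLE' not applied
        "no_rows": sorted((wanted & created) - filled),  # structure but no data
        "foreign": sorted(t for t in created if not t.startswith(prefix)),
    }

def sample_table(name, drop=True, rows=True):
    """Build the statements for one table of the constructed sample dump."""
    sql = "DROP TABLE IF EXISTS `%s`;\n" % name if drop else ""
    sql += "CREATE TABLE IF NOT EXISTS `%s` (\n  `id` bigint(20) NOT NULL\n);\n" % name
    return sql + ("INSERT INTO `%s` (`id`) VALUES (1);\n" % name if rows else "")

# Constructed sample input, not a real export: prefix blog_, usermeta missing.
SAMPLE_CONFIG = "<?php\n// $table_prefix = 'old_';\n$table_prefix  = 'blog_';\n"
SAMPLE_DUMP = "".join(
    sample_table("blog_" + t, drop=(t != "options"), rows=(t != "links"))
    for t in CORE_TABLES if t != "usermeta") + sample_table("forum_posts")

if __name__ == "__main__":
    # For a real backup, read wp-config.php and the saved .sql file instead.
    for key, tables in check_dump(SAMPLE_DUMP, table_prefix(SAMPLE_CONFIG)).items():
        print("%-8s %s" % (key, ", ".join(tables) or "-"))
```

An empty list under every heading means the export matches the settings above; a table listed under `no_rows` may simply be empty on the live site, so treat it as something to look at rather than an error.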

Conclusion:

Yes, there are plugins out there that do this for you automatically, but it’s nice to know that you know how to do it yourself. I’m all for doing it yourself because then if anything goes wrong with your automated backup, you won’t have to search the internet for a tutorial. This guide gives you a full breakdown of a backup, so you won’t need anything else.

Do this as often as you feel necessary, then if anything goes wrong, you can restore your settings with ease. I’ve been there, done that.. It’s not fun.


7 Responses to Weekend Wordpress Security Tip: What To Do When Your Blog Is H4CK3D

  1. Rarst
    1:13 pm on September 21st, 2008

    Well… What percent of people is not lazy to do it daily? :) Plugins may add extra link in chain but scheduling of backups is huge plus.

    By the way backup advice mostly focused on database but it’s wise to backup everything from ftp as well. Restoring few hundreds of images and customized theme is no fun at all.


  2. bradblog
    2:35 am on September 22nd, 2008

    Definitely. I have a perfect working copy of this theme on my local computer.. Just in case :) - But this theme will soon change :D - Stay tuned.

  3. Hugo Santos
    1:20 pm on September 22nd, 2008

    A good idea is to send your db backup to a Gmail account specially created for that, on a daily basis. You can use plugins for this.


  4. bartolomo
    1:52 am on September 23rd, 2008

    good stuff!  thanks for the info.  glad i found you.

  5. Dilson Decano
    3:42 pm on September 23rd, 2008

    Thanks for this post. One of my blogs has been hacked lately, and I learned a lesson from it.


  6. Peter Answers
    5:34 am on October 1st, 2008

    I use the wordpress backupdb plugin but you just reminded me that I also should be backing up the core files since I have made template changes.


  7. Jenelle
    11:51 pm on October 28th, 2008

    Getting your blog hacked is the worst nightmare for a blogger. I experienced that once and eventually learned a lesson. Now I’ve got a habit of backing up my blogs from time to time :)