WordPress Security Audit and WordPress Upgrades

Over the past two years we have seen a 700% increase in WordPress installations across our servers. WordPress has become very popular and, at the same time, the most frequently abused web application we host. The script itself is solid, easy to use and reasonably secure, but only if it is installed properly and kept up to date. Most of the compromised blogs we have cleaned were hacked because they were left "as is" for years without updates. If your WordPress-driven website has been hacked, here are your options:

a) I have ~3 hours of free time and basic FTP/MySQL knowledge:

1. Scan your personal computer (and every other computer you use to log in to the site) for trojans and viruses. This is the most important step: malware on your workstation steals FTP and cPanel passwords, and a cleaned site will simply be reinfected as long as the attacker still has them. We recommend Kaspersky Internet Security. Update or remove the outdated programs listed in the vulnerability report.
2. Back up all data via cPanel > Backup > Generate full backup. Do not leave the backup on the server: download it to your personal computer, then delete it from the server. If your site has more than 5 GB of data the backup will fail because of the backup file size limit; contact WestNIC for a free manual site backup.
3. Contact WestNIC for a username/password change. You will receive a new username and password for cPanel.
4. Remove all WordPress PHP files and directories. You may keep the images and uploads directories only if you are 100% sure they are clean (no malware, no phishing content; a stray .php file inside wp-content/uploads is a classic backdoor). Do not keep the old wp-config.php: it belongs to the compromised installation, may itself have been modified, and you will create a new one with new database credentials below.
5. Remove the old database user via cPanel > MySQL Databases.
6. Add a new database user. Important: the username must be hard to guess, and it must be different from the database name. Example:

database name: sd28g1_myblog
database username: sd28g1_5rt2q6
password (generated with the cPanel "Password Generator" tool): }Hkl]yAm3;T

7. Download the latest WordPress directly from the vendor, wordpress.org, and unzip it on your personal computer.
8. Upload the fresh WordPress into the public_html folder, or into the blog folder if the site lived in /blog or another subdirectory.
9. Move wp-config.php one directory above the WordPress directory (outside public_html when WordPress is installed in public_html) and set its permissions to 400. Do not leave it at 644! WordPress looks for wp-config.php in its own directory and then one level up, so nothing else needs to change for it to find the file. If the site stops loading after this change, PHP on that server does not run as your account user and cannot read a 400 file; ask support before loosening the permissions.
10. Edit the new wp-config.php: enter the new database name, database username and password, then generate and paste the security keys.
11. Make sure you generated fresh security keys and salts via https://api.wordpress.org/secret-key/1.1/salt/ and replaced every "put your unique phrase here" placeholder. Do not reuse the old keys: anyone who copied them from the compromised installation can forge login cookies.
12. Run the upgrade installer (open /wp-admin/upgrade.php in your browser) to bring the existing database up to the new version.
13. Because step 4 removed the old theme files, any custom theme is gone. Use an official theme from wordpress.org for now; it can be customized again later.
14. Log in to wp-admin again and verify that the blog's username and password are secure. The username must not be "admin". The password must be strong (use the cPanel or WHM password generator tool). If you find users you did not create, delete them: an extra administrator account is how attackers keep access after the files have been cleaned.
15. Double-check via FTP that wp-config.php still has permissions 400 after the upgrade.
16. Lock the wp-admin folder with an additional username/password via cPanel > Security > Password Protect Directories > select the wp-admin folder and create a user/pass. This adds a second layer of protection in front of the WP backend. Caveat: some themes and plugins call wp-admin/admin-ajax.php from the public site; those features will prompt visitors for the password or break until you exempt admin-ajax.php in .htaccess.
17. Monitor the wp-admin dashboard closely. As soon as you see "update available", apply it before it is too late.
18. Do not install any plugins unless you know the vendor/source. Each plugin you install must be updated separately.
19. Do not install custom WP themes unless you know the source (one trusted source: wordpress.org). Once installed, a theme must be updated regularly too.
20. Review the additional security documentation / WordPress advisory: http://codex.wordpress.org/FAQ_My_site_was_hacked
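As an added example (not part of the original HowTo, and not WestNIC or WordPress tooling), the following POSIX shell script does the checks behind steps 6, 9, 10 and 11 against a wp-config.php: file mode 400, file located one level above the WordPress directory, DB_USER different from DB_NAME, and all eight keys/salts present, distinct and no longer the stock placeholder. It also generates a random database username in the style of step 6. The two sample wp-config.php files it writes into a temporary directory are constructed for the demo (demo credentials, not real ones), and every function name (gen_db_user, wp_define, audit_wp_config, write_config, make_demo_configs) is this example's own.

```shell
#!/bin/sh
# Added example (not from the original HowTo): audit a wp-config.php against
# checklist steps 6, 9, 10 and 11. Function names are this example's own.

WP_DEFAULT_SALT='put your unique phrase here'   # placeholder shipped in wp-config-sample.php
WP_KEYS='AUTH_KEY SECURE_AUTH_KEY LOGGED_IN_KEY NONCE_KEY AUTH_SALT SECURE_AUTH_SALT LOGGED_IN_SALT NONCE_SALT'
# Constructed demo salt base; real values come from the api.wordpress.org salt URL.
SALT_BASE='Cz>i2Y#R+T0Qw!9b@nXk7uEs^m3LpVfHjgOa*tDr(ZyWl)cBeUI4Kx6MN8vqAF'

# gen_db_user PREFIX: random database username such as sd28g1_5rt2q6 (step 6),
# so it never equals the database name.
gen_db_user() {
    printf '%s_%s\n' "$1" "$(LC_ALL=C tr -dc 'a-z0-9' < /dev/urandom | head -c 6)"
}

# wp_define FILE NAME: value of define('NAME', '...') in FILE (empty if absent).
wp_define() {
    sed -n "s/^[[:space:]]*define([[:space:]]*['\"]$2['\"][[:space:]]*,[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" "$1" | head -n 1
}

# audit_wp_config FILE: print one FAIL line per finding; return the number of findings.
audit_wp_config() {
    f=$1; n=0
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")   # GNU stat, then BSD stat
    [ "$mode" = 400 ] || { echo "FAIL: $f has mode $mode, expected 400 (step 9)"; n=$((n+1)); }
    # wp-settings.php next to the config means it still sits inside the WordPress directory
    [ ! -f "$(dirname "$f")/wp-settings.php" ] || { echo "FAIL: $f is inside the WordPress directory; move it one level up (step 9)"; n=$((n+1)); }
    db_name=$(wp_define "$f" DB_NAME); db_user=$(wp_define "$f" DB_USER)
    if [ -z "$db_user" ] || [ "$db_user" = "$db_name" ]; then
        echo "FAIL: DB_USER '$db_user' must be set and differ from DB_NAME '$db_name' (step 6)"; n=$((n+1))
    fi
    seen=''
    for k in $WP_KEYS; do
        v=$(wp_define "$f" "$k")
        if [ -z "$v" ] || [ "$v" = "$WP_DEFAULT_SALT" ]; then
            echo "FAIL: $k missing or still the stock placeholder (step 11)"; n=$((n+1))
        fi
        seen="$seen$v
"
    done
    [ "$(printf '%s' "$seen" | sort -u | grep -c .)" -eq 8 ] || { echo "FAIL: the eight keys/salts must all differ (step 11)"; n=$((n+1)); }
    return "$n"
}

# write_config FILE DB_NAME DB_USER SALT: write a constructed sample wp-config.php.
# Unless SALT is the stock placeholder, each key gets SALT plus its own name so they differ.
write_config() {
    {
        printf '<?php\n'
        printf "define('DB_NAME', '%s');\n" "$2"
        printf "define('DB_USER', '%s');\n" "$3"
        printf "define('DB_PASSWORD', '}Hkl]yAm3;T');\n"
        for k in $WP_KEYS; do
            if [ "$4" = "$WP_DEFAULT_SALT" ]; then v=$4; else v="$4$k"; fi
            printf "define('%s', '%s');\n" "$k" "$v"
        done
        printf '$table_prefix = %s;\n' "'wp_'"
    } > "$1"
}

# make_demo_configs: build a clean layout and a careless one under a temp dir; print its path.
make_demo_configs() {
    root=$(mktemp -d)
    mkdir -p "$root/good/public_html" "$root/bad/public_html"
    : > "$root/good/public_html/wp-settings.php"   # stands in for the WordPress tree
    : > "$root/bad/public_html/wp-settings.php"
    # good: one level above public_html, distinct DB user, fresh salts, mode 400
    write_config "$root/good/wp-config.php" sd28g1_myblog sd28g1_5rt2q6 "$SALT_BASE"
    chmod 400 "$root/good/wp-config.php"
    # bad: left inside public_html, DB user equals DB name, stock salts, mode 644
    write_config "$root/bad/public_html/wp-config.php" sd28g1_myblog sd28g1_myblog "$WP_DEFAULT_SALT"
    chmod 644 "$root/bad/public_html/wp-config.php"
    echo "$root"
}

demo=$(make_demo_configs)
for cfg in "$demo/good/wp-config.php" "$demo/bad/public_html/wp-config.php"; do
    echo "== auditing $cfg"
    audit_wp_config "$cfg" && echo "OK: no findings" || echo "$? finding(s)"
done
echo "new database username for prefix sd28g1: $(gen_db_user sd28g1)"
rm -rf "$demo"
```

Run it as a regular user on the server (or on your computer against a downloaded copy of the config); a clean file prints no FAIL lines, the careless sample prints twelve. The check for wp-settings.php beside the config mirrors the rule WordPress itself uses when it decides whether to read wp-config.php from the parent directory.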

b) My WordPress has been hacked and I have no idea what to do, OR I need my blog back NOW (no time to fix it myself)

WestNIC offers a WordPress security audit and a one-time installation/upgrade, charged per script installation (WestNIC customers only). It can be scheduled by appointment only via the support desk. Please be patient: each audit/upgrade takes at least 2 hours. Please note that we provide a one-time security audit only. That means your script will be secured *for now*; to keep it secure you must apply regular updates via the wp-admin control panel, change passwords, run your own backups via cPanel, and so on.
