How To Prevent Hacking, and What To Do When You Get Hacked

Hacking happens. We should put this on bumper stickers and sell them.

On an infinitely long timeline, it’ll probably happen to you, too. So what can you do to prevent hacking and how can you recover if you’ve been hacked? Well, Spotted Koi is about to lay the knowledge on you.

Before the Hack Ever Happens

Pick a strong password. This might seem like a fortune cookie truism, but it’s tremendously important. Don’t use the same password that you use for everything else. Pick a super-unique long phrase composed of multiple words, like: thiswebsiteisnotforyoutohackbecauseiamagoodperson

Alternatively, you could compose a shorter example with non-alphabet characters and random capitalization: D*nt3aTteh^jeepcherokeekitten#@$

As an added bonus, be sure to keep your version of WordPress up-to-date and protected from the latest hip hacks on the block. Here’s an old post about keeping WordPress updated.

You should also look into installing these free plugins:

  • Install the FileMonitor plugin to keep tabs on people rooting around in your website’s files when they shouldn’t be.
  • Install the BackupBuddy plugin to rescue your data in the case of a serious hack.
  • Install the LoginLockout plugin to… lock out your login. :) LoginLockout only allows 3 incorrect login attempts (to your WP backend) from each IP address in a 30-minute period to prevent bots from cracking your password by brute force.
  • Install the WP-Firewall plugin to prevent uploads of malicious files through WordPress.
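
To make the LoginLockout rule above concrete, here is a small Python model of a "3 failed logins per IP per 30 minutes" policy. It is an added illustration, not the plugin's code: the sliding-window design, the `LoginLimiter` and `replay` names, and the sample events are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

class LoginLimiter:
    """Per-IP sliding-window lockout (assumed design, not the plugin's code)."""

    def __init__(self, max_failures=3, window=timedelta(minutes=30)):
        self.max_failures = max_failures      # the post's "3 incorrect attempts"
        self.window = window                  # the post's "30 minute period"
        self._failures = defaultdict(deque)   # ip -> times of recent failures

    def is_locked(self, ip, now):
        recent = self._failures[ip]
        while recent and now - recent[0] >= self.window:
            recent.popleft()                  # forget failures older than the window
        return len(recent) >= self.max_failures

    def attempt(self, ip, now, password_ok):
        """Return 'blocked', 'ok' or 'failed' for one login attempt."""
        if self.is_locked(ip, now):
            return "blocked"                  # password is not even checked
        if password_ok:
            return "ok"
        self._failures[ip].append(now)
        return "failed"

# Constructed sample events: (time, source IP, was the password correct?)
EVENTS = [
    ("12:00", "203.0.113.7", False),
    ("12:01", "203.0.113.7", False),
    ("12:02", "203.0.113.7", False),   # third failure: IP is now locked out
    ("12:03", "203.0.113.7", True),    # correct password, still refused
    ("12:05", "198.51.100.4", False),  # a different IP has its own counter
    ("12:06", "198.51.100.4", True),
    ("12:31", "203.0.113.7", False),   # 12:00 and 12:01 have aged out
    ("12:33", "203.0.113.7", True),
]

def replay(events):
    limiter = LoginLimiter()
    clock = lambda hhmm: datetime.strptime("2024-01-01 " + hhmm, "%Y-%m-%d %H:%M")
    return [limiter.attempt(ip, clock(t), ok) for t, ip, ok in events]

if __name__ == "__main__":
    for event, outcome in zip(EVENTS, replay(EVENTS)):
        print(*event, "->", outcome)
```

Because the counter is keyed by IP address, failed logins arriving from many different addresses are never added together, so the lockout complements the strong password advice above rather than replacing it.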

If the Unthinkable Should Occur

Make sure that your website is truly broken. Visit and type in the URL of the site. Try out your site on a few different browsers or operating systems to see if it’s a simple display issue as well.

Change your password as quickly as possible. If this isn’t an option, phone up your hosting company ASAP, explain who you are and what your problem is, ask them to look into it and stay on the phone while they do.

Contact Spotted Koi so we can walk you through the rest of our detailed, step-by-step plan for evaluating the health of the files on your server and databases as well as your themes and options. We want you to be safe. Clever hackers will leave behind the tools that they can use to break in and disrupt your life/work the next time.

The fact of the matter is, every unhacking project is slightly different. Some take fifteen minutes to rectify, and others can take the better part of a week to fully unravel. If you’ve got to check every line of code on your site, that can take time.

We have previously published other resources on unhacking, so check that post out, too. But remember, the best way to not be a victim is to secure your site from the beginning. It’s not foolproof, but it might be enough of a deterrent to scare away would-be hackers. As always, Spotted Koi is here to help.


Picture from Flickr user elhombredenegro
