Many business websites lack dedicated security personnel and have insufficient awareness of website security. How should one resolve the issue of a website redirecting to another site after being hacked? Naiba here shares some basic troubleshooting methods for a compromised website. Our websites are almost constantly harassed by malicious crawlers, but you may not notice it because they haven't been hacked. So, if your website does get hacked, don't panic. Just follow the steps below to troubleshoot and resolve the issue step by step.
Step 1: Request help from the hosting provider
For example, those commonly used by foreign trade professionals
SiteGround, or Bluehost, etc., whose plans include security features like malware scanning. You can directly submit a support ticket and ask customer service for help. If the service you purchased does not include this feature, then you'll have to troubleshoot it yourself.
Step 2: Check Server Files
Log in to the server and check if there are any unknown files or folders in the website directory. Usually, files with chaotic or random names are highly suspicious. You can also judge based on the file creation time. If you haven't uploaded any files to the server recently, then the most recently created files are highly suspicious. The most reliable method is still to find an experienced technician to help you analyze it. If you can't find one, you can make a simple judgment by comparing it with the default WordPress directory list (though you might not be able to tell which files are generated by normal plugins).
In the image above, the red boxes indicate WordPress core files. The wp-content folder contains folders uploaded by the website, such as Themes and Plugins. wp-config.php is the website configuration file, generated during installation.
Step 3: Reinstall WordPress
You can first back up the website and then reinstall WordPress. Note that during reinstallation, do not re-upload any files to the web server except for uploaded image files. Download Theme and Plugin files from their official websites before uploading them to avoid plugins and Themes containing malicious code that you might be unaware of.
Step 4: Install a Security Plugin
At this point, the Trojan files are usually gone, but to prevent any malicious code from hiding within your Posts, we can install some security software to help you resolve this. Related article:
After completing the above steps, if your website wasn't compromised by a particularly troublesome hacker attack, the Trojan files should have been cleared. Next, you still need to properly secure your server. For example, set a complex server password, upgrade the server system and components, update the website version and plugins, etc. For more information on WordPress security, please visit
the corresponding topic。
In the image above, the red boxes indicate WordPress core files. The wp-content folder contains folders uploaded by the website, such as Themes and Plugins. wp-config.php is the website configuration file, generated during installation.
Comments are closed
The comment function for this article is closed. If you have any questions, please feel free to contact us through other channels.