WordPress Hacked: Spam Posts – How To Fix And Prevent Spam
One of the biggest problems on a hacked WordPress website is spam posts. Sometimes your website is bombarded with thousands of useless posts. These are either abusive content or adult website posts that you want to avoid. Sometimes the attacker or spammer even injects ad posts, that is, ads shown as a post. This small thing will ruin your entire website: its reputation as well as its Google rankings. Hence, it is necessary to fix all of these things and get the website back to normal. This guide will show you exactly how to fix and prevent spam on your website.
Overview of Spam posts
On a hacked WordPress website, the attackers publish rubbish posts or pages. These posts are created on autopilot, so it would be either impossible or hard to remove all the posts. We will see some ways to remove the spam posts, and we will explain how you can prevent it from happening again.
The spammy content usually falls into these categories:
- Abusive content
- Gambling and casino-related content
- Adult website or related content
- Download websites related to pirated movies, ringtones, songs, etc.
- Spam for suspicious browser extensions or software
- Other language spam
- Weight loss, get-rich schemes, health or wealth products, etc.
These are the most common types of spam seen on a WordPress website. Whether it is one of these or something else that you want to get rid of, we have covered every method that you can implement to solve the spam post issue.
The spam includes not only posts but also pages. The attacker will publish random stuff as WordPress posts or as WordPress pages.
When you try to remove the pages, they will automatically be recreated, so deleting them alone is pretty much useless. This happens because of malicious code that is executed on your server. We will see how you can detect that code and then remove it. We will also see a quick way to delete all the posts/pages.
Check the theme and plugins
The first thing that you need to do is check the themes and plugins before you proceed. Many times, a theme or a plugin contains malicious code that gets executed. So, if you have recently changed the theme, the theme is probably the cause.
Before you skip this section, know one thing: deleting the theme/plugin won’t solve the problem. The code has probably infected the entire website, so you will have to check and clean the entire website to get things back to normal.
We will go through a step-by-step guide on how you can detect the issues and remove the spam from a hacked WordPress website. We will first talk about the theme.
You can either delete the theme and download it again from a trusted source, or you can add a plugin such as Sucuri or Quttera. These are security checkers that scan the entire website for viruses and malicious code. Install and activate the plugin, then run a scan. It will tell you all about the theme, including whether the theme is infected. You can fix it using the methods given in the plugin.
However, if you are not able to solve the errors and clean the infected files, there is nothing to worry about. Just note down the list of infected files somewhere, including their paths. You can always try updating the theme: if there is a security issue, it would be fixed in the new version. Also, if you are using nulled/pirated themes or plugins, you should stop using them and get a genuine version from the official developer website.
Using the virus scanner
Your hosting panel also has a virus scanner. If you are using cPanel, you will see a virus scanner inside it. Now, we will scan the website with that virus scanner. The main reason to do it is to find more infected files. Also, the virus scanner might just fix a couple of files directly. So, you won’t have to put the effort into fixing the file manually.
Further, if you haven’t yet found the path of a file, the virus scanner will show you the exact path of the files. In this way, you will find the exact location of the infected files. You can then take the steps to clean them manually.
To begin, head over to your cPanel, where you will find the virus scanner option. You will find many options inside it. Make sure you select “Entire home directory” when scanning for viruses. Even if only one of your websites is affected, it is recommended to check all the websites, which is why you should select the entire home directory. Start the scan and grab some popcorn until the scan finishes. The scan runs on the server side, so you can close the window and switch to your work if you want.
After a while, you can check back and see the infected files. There will be an option to quarantine files that you can click on. If not, you can just note down the file path and we will fix it manually in the next step.
Please note that, depending on the panel you are using, the procedure will be slightly different. We have shared the method for cPanel as most people are using it.
Fixing the website
Once you have a complete list of the infected files, you will have to fix the files that contain the malicious code. Depending on how badly your website was infected, there may be many infected files, and we will have to fix each one of them.
Let’s understand how you can fix them. There are mainly two ways to fix the files. You can either replace them with the original files or go through the code and remove the malicious code yourself. If possible, you should replace the files with the original ones, as those will be fresh copies.
To replace the files, you will have to head over to the source. If it is a theme or plugin, you can head over to the original provider and download the zip file from there. Then find the infected file in it and replace the infected copy on your site with the original one. Please make sure you have a backup of the previous files to avoid any crashing and data loss. If something goes wrong, you can revert it. The same goes for core files: you can either go to WordPress.org and download the zip, or head over to Dashboard > Updates and reinstall WordPress from there. Both work smoothly.
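Before replacing files, it helps to know exactly which ones differ from the freshly downloaded copy. The following is an added example, not code from the original guide; the directory layout and file names are constructed, and it goes slightly beyond the text by also reporting files that exist only on the live site.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_of(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def tree_hashes(root: Path) -> dict:
    """Map each file's path relative to root to its SHA-256."""
    return {p.relative_to(root).as_posix(): sha256_of(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare_to_pristine(live: Path, pristine: Path) -> dict:
    """Classify files in the live copy against a freshly downloaded original."""
    live_h, clean_h = tree_hashes(live), tree_hashes(pristine)
    return {
        "modified": sorted(f for f in live_h if f in clean_h and live_h[f] != clean_h[f]),
        "extra": sorted(f for f in live_h if f not in clean_h),
        "missing": sorted(f for f in clean_h if f not in live_h),
    }

def build_sample(base: Path):
    """Constructed sample: a tiny 'theme' in a clean and a tampered state."""
    pristine, live = base / "pristine", base / "live"
    for root in (pristine, live):
        (root / "inc").mkdir(parents=True)
        (root / "functions.php").write_text("<?php // theme setup\n")
        (root / "inc" / "helpers.php").write_text("<?php // helpers\n")
    # Tampering in the live copy: one changed file, one file the vendor never shipped.
    (live / "functions.php").write_text("<?php // theme setup\n// appended unknown code\n")
    (live / "inc" / "cache.php").write_text("<?php // not shipped by the vendor\n")
    return live, pristine

def demo() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        live, pristine = build_sample(Path(tmp))
        return compare_to_pristine(live, pristine)

if __name__ == "__main__":
    for kind, files in demo().items():
        print(kind, files)
```

For WordPress core and for plugins hosted on WordPress.org, WP-CLI offers the same kind of check with `wp core verify-checksums` and `wp plugin verify-checksums`.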
In the same way, if you have to fix the files manually, you will have to open each file. You can either select the code editor or download the file and open it in an editor. Now, you need to find the encrypted code. You will recognize it right away, as it will be a bunch of letters that make no sense.
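A small scanner for the kind of code described above, as an added example that is not part of the original guide. The two patterns and the 200-character threshold are assumptions chosen for illustration, and the sample files are constructed and inert.

```python
import re
import tempfile
from pathlib import Path

# Heuristics chosen for this example: decode-and-execute chains, and long
# unbroken runs of base64-style characters ("letters that make no sense").
DECODE_EXEC = re.compile(
    r"\b(eval|assert)\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(",
    re.IGNORECASE)
LONG_BLOB = re.compile(r"[A-Za-z0-9+/=]{200,}")

def scan_file(path: Path) -> list:
    """Return (line_number, reason) for each suspicious line in one file."""
    findings = []
    text = path.read_text(errors="replace")
    for number, line in enumerate(text.splitlines(), start=1):
        if DECODE_EXEC.search(line):
            findings.append((number, "decode-and-execute call"))
        if LONG_BLOB.search(line):
            findings.append((number, "long encoded blob"))
    return findings

def scan_tree(root: Path) -> dict:
    """Scan every .php file under root; keep only files with findings."""
    report = {}
    for path in sorted(root.rglob("*.php")):
        hits = scan_file(path)
        if hits:
            report[path.relative_to(root).as_posix()] = hits
    return report

def demo() -> dict:
    """Constructed sample: one ordinary file, one with an inert encoded blob."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "index.php").write_text("<?php\nrequire 'wp-blog-header.php';\n")
        blob = "QUJD" * 60  # 240 characters of placeholder base64 ("ABC" repeated)
        (root / "footer.php").write_text(
            "<?php\n// theme footer\neval(base64_decode('" + blob + "'));\n")
        return scan_tree(root)

if __name__ == "__main__":
    for name, hits in demo().items():
        print(name, hits)
```

These are heuristics, so review each hit before changing a file: legitimate code can contain long encoded strings, and malicious code can avoid both patterns.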
Preparing the website restore
Once you have done everything stated above, make sure that you rescan the entire website. It will give you confirmation that no other files are infected and your website is good to go. The next task is to restore the original website and undo all the changes that the attacker made.
Before we restore your website, there are a couple of things you can do.
First, take a backup of the current version of WordPress. That way, if something useful gets deleted, you can get it back.
Now, if there are a lot of spam posts, even Google and other search engines might have noticed them. So, we will go through the procedure to remove them from Google. However, it will take some time to remove all the links (more about it later).
Until then, one thing we can do is redirect all the users who land on a spam post to the home page. For that, you will need a redirection plugin. The redirection plugin will automatically redirect all the deleted posts or pages to wherever you want. You can redirect all the deleted links to the home page, or you can redirect just the spammy posts to the home page.
Now, we will see how you can delete the spam posts.
Restoring the original website/deleting the posts
The easiest way to get back the original website is, of course, to restore it from a recent backup. If you are taking regular backups, you can just restore the backup and get back your old website. This works best for people who take regular backups. If your website hasn’t been updated since that time, you can simply restore the backup and you are done.
Now, if this doesn’t work, don’t worry at all. We will see another quick way to delete the spam posts or pages. There are a couple of ways to delete all the spam posts with ease. There are various plugins available for bulk deletion, such as Bulk Delete or WP Bulk Delete. You can install one of those plugins. They provide powerful conditions for deleting posts in bulk.
You will have to find a pattern in all the posts. You can see if all the posts are in a specific category, posted in a particular date range, or you can see if the author has changed. If nothing works, you can find the most recent post of yours and delete all the posts that are published after that date. You can do it with the help of the plugins.
Telling Google about the change
When your WordPress site gets hacked, the attacker might have published hundreds or even thousands of blog posts. Deleting posts is not the only thing that you will have to do. Once the posts are published, Google and other search engines have probably picked them up. They might mark them as spam, and this might even put the entire website on the spam list. So, there are chances that you will lose all your rankings.
Hence, it is necessary to fix these things before it is too late. You will have to ask Google to remove the web pages from its index. For that, you will have to create the sitemap again and resubmit it to Google. It will notify them about all the changes. This is the easiest way to do it. If the web pages were not indexed by Google, you will see the results in less time. However, if they were indexed by Google, it might take some time for the changes to be reflected.
If certain URLs aren’t removed by this and you are still seeing them, there is another option that you can use. Luckily, Google provides a webmaster tool with which you can do pretty much anything. It has another section where you can ask Google to remove certain pages. You can enter the URLs there and Google will remove them.
To conclude, this was all about how you can remove all the spam posts and prevent further spam. To prevent it in the best way, you can use plugins like Akismet. Further, you should only download and install tools from trusted sources. In this way, your website will be safe from spam. Keep the passwords strong and remove unwanted people from the admin role. Further, you can install one of the security plugins to keep the website safe and secure. This will help you in preventing spam posts.