Overview
If your site is hacked, there are several important steps that DreamHost recommends you take.
In general, recovering from an exploit requires locating the source of the breach, closing any security holes, removing any backdoors, and cleaning up the damage.
If you're not comfortable fixing your WordPress site on your own, you can request DreamHost's Hacked Site Repair (a professional malware removal) service. DreamHost experts will access your account and make the necessary repairs to get you back online quickly. See the Terms of Service page for more information.
The following is an overview of the process of clearing up any exploits on your account.
What is most vulnerable?
The following sections describe common items that are most vulnerable on your website.
Outdated web applications
Outdated web applications and associated themes and plugins are often the point of entry for most exploits. Keeping all web applications, themes, and plugins updated to their latest versions helps to eliminate known security vulnerabilities. If you're unsure if there are security concerns related to any web application that you are using, you can search for advisories related to known vulnerabilities in the following link:
WordPress sites
If your WordPress site is configured for automatic updates, DreamHost will upgrade it as updates become available.
Compromised passwords
Web applications may have had their admin passwords compromised or malicious users added without your knowledge. DreamHost strongly recommends that you log into your applications to audit unknown users and change any passwords for admin-privileged users if you suspect that your site is hacked.
See the following article for more information:
Who is responsible?
In short, you are. DreamHost may assist in some situations but is not obligated to do so. View the Terms of Service page for current details:
DreamHost sells the use of servers and manages the OS and utilities on the server themselves, but DreamHost does not manage customer software that the customer chooses to put on the server. The liability for software housed in a user’s account is stated in the Material products section below.
Material products
- Customer will provide DreamHost Web Hosting with material and data in a condition that is “server-ready”, which is in a form requiring no additional manipulation on the part of DreamHost Web Hosting. DreamHost Web Hosting shall make no effort to validate this information for content, correctness, or usability.
- Use of DreamHost Web Hosting’s service requires a certain level of knowledge in the use of Internet languages, protocols, and software. This level of knowledge varies depending on the anticipated use and desired content of Customer’s Webspace by the Customer.
- The following examples are offered:
- Web Publishing: requires a knowledge of HTML, properly locating and linking documents, using an FTP client to upload data, graphics, text, sound, images, and so on.
- Scripts: requires a knowledge of the UNIX environment such as TAR & GUNZIP commands, permissions, and so on.
- The Customer agrees to have the necessary knowledge to create a webspace. The Customer agrees that it is not the responsibility of DreamHost Web Hosting to provide this knowledge or Customer Support outside of the defined service of DreamHost Web Hosting.
How to fix your hacked site
Visit the following links for details on how to fix your site after a hack: