Recover from a WordPress Malware Hacking Attack by Switching Web Hosts - Switch web hosts and change DNS

(Page 3 of 4 )

DNS propagation takes time (sometimes between 24 to 48 hours). While you're busy preparing and testing your backups, find a new web host which is reputable, highly secure, with good user ratings. If you have the budget, that's better; you have a lot of choices. You can find some recommended web hosting companies here, from WordPress: http://wordpress.org/hosting/.

If you like free web hosting, aim for ones with high ratings which have been operating for years. You can find some hosts here: http://www.free-webhosts.com/user_reviews.php

Now for the most important part. Once you have completed your web hosting application, you need to log on to your domain registrar and change the DNS setting to point to your new web host. This step should be done before you work with any backups in your local host and upload them to your new web hosting server. Refer to your web hosting and domain registrar procedures/support for the exact name servers to be updated as well as the procedure.

Second step: extract and test your backups

You cannot move to another web host without your files. There are certain circumstances in which it's very important to take your files (both the current ones and the latest backup) and double check for infection in the local host (offline). These include finding something strange in the web server; seeing lots of people complaining in the hosting support forums; and finding some strange JavaScript/HTML i-frame in the source code. 

But what happens if you fail to back up immediately? Well you can politely beg and contact the hacked web server owners, and try to request your files; after all, it was their fault. Just be hopeful in this case that they will provide you with some backup.

If you are a web developer, do not delete your local host files which you have made during the development phase of your WordPress website. This can be a very valuable asset when you start over again when your website is hacked or your hosting won't provide files because they have all been deleted by the exploit. It is highly important to scan the files, double check your file for injection as well as to completely test your backup before uploading to your new web host.

Below are the exact steps that you should do (which are continued in the next section).

Step 1. Place your files in your XAMPP local host (if you are a Windows user). The objective here is to run your website in an XAMPP local Apache server. Details on this procedure can be found in this tutorial. 

Next: Upload files to your new web host >>
 

More Web Hosting Security Articles
More By Codex-M