How to Fix a Theme Hacking on 7 Common WordPress Themes: Avada, X Theme, Enfold, Jupiter, The7, Divi, & Salient

WordPress theme hacking attempts are one of the inevitable byproducts of having a WordPress website – and one that we all believe ourselves to be immune to. However, since more than 30,000 websites are hacked every day it is best to be prepared. Here are some hints to recognize if your site has been hacked, as well as some ways to fix the situation.

What Does It Mean If My Theme Has Been Hacked?

There are many ways for hackers to get onto WordPress websites. Hacking the WordPress theme is one of the most common way for hackers to gain access to website. A hacked WordPress site or theme means that someone has gained access to your website and can then control your site for their own nefarious purposes. There are many different reasons why someone would hack a website. It could be to add malicious malware or viruses to attack other computers and gain personal information; other hackers do it to send out spam or redirect websites to more seedy material; some do it just because they’re bored. No matter the reason, it is best to protect your site from hackers. 

How Would They Have Hacked My Theme?

There are a two common ways for people to gain access or hack WordPress themes:

1. Out of Date themes – Often themes need to be updated. Updating themes will help fix weaknesses in a theme. When hackers get wind of these weaknesses, they waste no time exploiting them. WPbeginner states 83% of hacked WordPress sites did not have updated themes. Consequently this made them an easy target. Keep those themes updated to keep hackers out!
2. Easy to Guess passwords – This seems pretty obvious but it still happens. Avoid using easy passwords like 12345678, password, or even your name. Try using numbers, symbols, and capitalization to strengthen your password. If you’re worried your password may be common, double check it with the 10,000 most common passwords. It may be helpful to change your password frequently as well.

Often victims of hacking wonder if it is your Hosting Provider’s fault.  No, not usually. It is usually because you don’t keep your site up to date or your passwords are weak. We see it across all hosting providers. Especially across MediaTemple, GoDaddy, BlueHost, HostGator, HostMonster, 1and1. Luckily, if some one does hack you, there are ways to fix the problem.

How Do Identify My Account Has Been Hacked?

Hackers are sneaky. It is not always clear when an account has been hacked. However there are some red flags to warn you if something fishy – or maybe phishy – is going on. Wptemplate and WordPress.org share some ways to identify if someone has been hacking your theme. Here are a few:

1. Numerous redirections
2. Permalinks are changed
3. New or unauthorized administrative users
4. Banner ads or other strange content on your site
5. Your website has been blacklisted or by search engines
6. Users complain about spam or unwelcome ads

If you notice any of the above warnings happening on your site, your site could be experiencing a hack. While being hacked is annoying, it is a solvable problem.

Common Themes That Are Hacked

Which themes are most hacked? Though any theme can be hacked, usually the more popular themes are attacked. Here is list of ones we see most often being hacked (note: these are also some of the most used themes, which is part of the reason – it isn’t because the theme is bad)

1. Avada, published by ThemeFusion, gets attacks from hackers
2. Jupiter, by Artbees, can get hacked
3. X Theme, from Themeco, has been hit by hackers
4. Enfold, a Kriesi theme, has been hacked
5. The7, Created by Dream-Theme, suffers from hacking
6. Divi, from Elegant Themes, has received hacker attacks
7. Salient, theme published by ThemeNectar has also been known to be hacked

How Do I Solve The Problem?

If your site has been hacked, here are a few  suggestions to fix it

1. Get Professional Help – We are happy to help out. We offer support plans that include hacking insurance, which means we will fix your site if it is hacked.
2. Update WordPress
3. Upgrade the theme
4. Upgrade the plugins
5. Change your passwords
6. Remove corrupt files – Get a scan from your hosting provider (i.e., BlueHost, HostGator, MediaTemple, 1and1, etc.) or from a security plugin such as WordFence – then remove any corrupted files
7. Check users – remove any past or erroneous users
8. Repeat – It usually takes more than one round to fix issues, so be prepared to have to do this more than once.

Finally, the most important thing to remember is to not panic. If you are feeling overwhelmed, we are here to assist you. We are happy to help out with a free consultation. We offer help in switching hosting providers and in offering hacking insurance to fix the site. Start defending your site today!