Quick Fix: What To Do When Your WordPress Site Is Attacked

No one ever thinks it’ll happen to them, but just about every site suffers at some point – by spambots, malware, DoS and other attacks.

And if you’re running WordPress, those attacks can be a killer. Your VPS drops, but every time you restart your services to try and do something, the attacks take it down again.

So what can you do?

The quickest workaround – and the one I use when this happens to me – is to throw up a maintenance page. It means you may lose traffic, but it stops all the WP-based, heavy queries from pounding the server and taking everything offline before you can try to fix stuff.

By leaving WP in place behind the served page, you can also log in as admin and work on the problems, without allowing anyone else access (unless they happen to know specific URLs or something).

It’s not perfect, but it’s simple, quick and easy to implement. Here’s how it works:

  1. Download this zip file with a basic homepage and css (I don’t remember where I got the originals, sorry).
  2. Unzip it and edit the index file, replacing the maintenance message with your own. You can add links to other stuff or whatever you want, of course.
  3. FTP to your site and rename the existing index.php file to something else (such as “index.php for wordpress”).
  4. Upload the index.htm and monster.css files to your server (in the same root location as the WP index file was).
  5. And that’s it.

You’ll now have a basic maintenance page that is served to all visitors while you mess around to fix stuff behind the scenes. Simple.

Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *