How to fix a hacked WordPress site

The internet is one of the most important media of the 21st century. We use it almost everywhere: in schools, at work, for research, to read the news or just to relax. But even such a useful tool has a dark side. During our work for clients, we have come across a lot of attacked and hacked sites. Based on that experience, we decided to share a simple guide on how to fix a hacked WordPress site and what to do to keep your site safe and working.

Before we start

There are a few rules that we should mention before we start. First of all: backups. You should always have a reliable backup solution in place so that you can recover your website data. You can choose from many plugins that back up your site and database. Check out a few tips in our article How to find an ideal WordPress backup plugin.

The other sign of a healthy site is that it is kept up to date. That means you should regularly check for updates of your plugins, WordPress, and templates. Along with this, periodically visit the site from a reader’s perspective. Make sure you install only plugins from verified sources with a high number of downloads and good ratings.

One option that has been gaining popularity these days is handing all of this over to a service. Most often there’s a monthly fee, and services range from simple backups to security. Our MyWPStaff service is one of them.


How to fix a hacked WordPress site

The first thing you have to do when your site is hacked is to identify the hack. Don’t panic, and write down everything you know about the attack:

  • Do you still have access to your WordPress admin menu?
  • Is your site redirecting to another link?

Check your site and database

If you still have access to your site and database, check for unknown and suspicious files. Compare your files with a clean installation of the same version of WordPress and delete the suspicious ones. In the pictures below you can see examples of suspicious files. This is only one kind of attack. A more sophisticated hacker would use less obvious file names, so the changes would not be so easy to recognize.
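
One way to run the comparison described above, as an added example (not code from the original article): it hashes every file in the live site and in a clean copy of the same WordPress version, then lists files the clean copy does not ship and shipped files whose content differs. Skipping wp-config.php and wp-content/, flagging PHP files under wp-content/uploads/ for review, and the constructed demo trees are assumptions made for this example.

```python
import hashlib
import os
import tempfile

# Assumption: these paths legitimately differ from a stock install.
SITE_SPECIFIC = ("wp-config.php", "wp-content/")

def tree_hashes(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256."""
    hashes = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                hashes[rel] = hashlib.sha256(fh.read()).hexdigest()
    return hashes

def compare_to_clean(site_root, clean_root):
    """Classify the live site's files against a clean copy of the same version."""
    site, clean = tree_hashes(site_root), tree_hashes(clean_root)
    report = {"unknown": [], "modified": [], "review": []}
    for rel, digest in sorted(site.items()):
        if rel.startswith(SITE_SPECIFIC):
            # Only PHP under uploads (a media directory) is flagged for review.
            if rel.startswith("wp-content/uploads/") and rel.endswith(".php"):
                report["review"].append(rel)
        elif rel not in clean:
            report["unknown"].append(rel)    # not shipped with this version
        elif clean[rel] != digest:
            report["modified"].append(rel)   # shipped file, different content
    return report

def demo():
    """Compare two small constructed trees (stand-ins, not real WordPress files)."""
    clean = {"index.php": b"core", "wp-includes/load.php": b"load"}
    site = {"index.php": b"core", "wp-includes/load.php": b"load + extra",
            "wp-includes/cache-x.php": b"?", "wp-config.php": b"cfg",
            "wp-content/uploads/a.php": b"?", "wp-content/uploads/a.jpg": b"img"}
    with tempfile.TemporaryDirectory() as tmp:
        for tree, files in (("clean", clean), ("site", site)):
            for rel, data in files.items():
                path = os.path.join(tmp, tree, *rel.split("/"))
                os.makedirs(os.path.dirname(path), exist_ok=True)
                with open(path, "wb") as fh:
                    fh.write(data)
        return compare_to_clean(os.path.join(tmp, "site"), os.path.join(tmp, "clean"))

if __name__ == "__main__":
    print(demo())
```

Plugins and themes under wp-content/ are outside this comparison; each one needs to be compared against a fresh download of the same version.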

Update your site

To keep your site safe, check for updates of your plugins. If you find a plugin that has not been updated by its author for a long time, look for an alternative. After updating, check whether any data has changed: compare the files with a clean installation of WordPress.
When you are finished with the updates, create a backup of the site. Upgrade WordPress to the latest version and back up again.

Finish your recovery

One of the last steps is changing the passwords for all admins and for the database. When you are done, install one of the security plugins. We recommend iThemes Security. With this plugin, you can set the security level of the site, such as password strength, and also scan for some kinds of viruses or malware. And that’s the last step that you need to do.

You may be a little scared of fixing a hacked site by yourself. So if you are not the technical type or just don’t want to waste your time, do not hesitate to contact us. Our team of professionals will do it for you.