What To Do If Your WordPress Website Is Hacked (Step-By-Step Guide)

Your security scans have come back positive and it’s confirmed: your website has been successfully infiltrated. And when it comes to WordPress, “hacked” is never a word you want to hear. What do you do? Let’s walk you through the process of how to clean a hacked WordPress site and what next steps you should take to recover.

Let's Get Started

We all know WordPress is the most popular platform. Because of the sheer number of WordPress websites online, it’s the most hacked CMS on the web. That’s one of many reasons why it’s so important to learn to keep your site secure.

But even if you have basic security implemented on your website, people with malicious intent can still find access points through numerous tricks and loopholes in your website’s code.

Suppose we find ourselves in a worst-case scenario and someone has gained access to your WordPress website. What now?

Our team at WP Buffs helps website owners, agency partners, and freelancer partners prevent and repair website hacks. Whether you need us to manage 1 website or support 1000 client sites, we’ve got your back.

1. Stay Calm

How do you clean a hacked WordPress site? Well, the first step is to take a deep breath. Having WordPress hacked isn’t the end of the world and all is not lost. Being stressed or angry will do you no good and it takes your concentration away from recovering your website. Let’s put our energy into finding solutions.

2. Locate The Hack

Go through this quick list of questions. Ask yourself:

  • Are you able to log in to your WordPress Admin Panel (yourwebsite.com/wp-admin)?
  • Is your website redirecting you to some other website?
  • Does your WordPress website contain any illegal links?
  • Has Google already marked your website as insecure?

Record your answers to each question and make sure that you’ve noted everything for the next step below.

3. Contact Your Hosting Company

Many good hosting companies are very helpful in these kinds of situations. The ones with experienced staff have faced these kinds of problems before, so they should be well-equipped to help. That’s why before doing anything yourself, get in touch with your hosting provider and follow their advice.

If your website is hosted on a shared server, this is also how you can find out whether the hacker gained access to your website through another site on your server. In this scenario, your hosting provider can tell you how the hack started and spread. There’s also a good chance they can tell you where the backdoor to your website is, the point where the hackers found their way in.

Hopefully, your hosting company is responsible enough to help you clean up your site after a hack (or not let it happen in the first place). If not, you have other options.

4. Hire A Professional

If your website has experienced a bad attack or you just need it to be cleaned quickly, hiring professional help might be the way to go. A vulnerable website only gets worse as time goes on, so the faster you can get your issues fixed, the safer your website will be.

This is most likely the best solution for you if you don’t consider yourself tech-savvy, or you just don’t want to mess anything up while you’re trying to clean your site. It’s easy to make things worse instead of better in these situations, so if you’re not comfortable making significant changes to the backend of your site, it may be time to ask for support.

One excellent option for this is Malcare. They are a complete WordPress security solution to protect your online identity. It is developed from the ground up after analyzing over 240,000 websites over the last 2+ years. MalCare ensures that your business is always protected and available to your visitors.

It comes with a powerful scanner that will never slow down your website and goes beyond just signature matching to find new and complex malware which usually goes undetected in other popular scanners.

MalCare comes with a one-click automatic malware removal feature that surgically cleans all traces of malware permanently from the website. They also have an intelligent plugin-based firewall that protects your website from bad traffic by using the collective intelligence of its network of sites.

Finally, they have an intuitive site management module that lets you manage your themes, plugins, users and WordPress core for better security of your website.

And then there are the great reviews left online for Malcare! If your website is hacked, they’re definitely one of the go-to solutions.

Joe, our Head Buff, also got the chance to hang out with the Team from Malcare at WordCamp Europe 2018. They’re some of the friendliest people he’s met in the WordPress space and are driven by making malware cleanup frictionless for their customers.

If you’re looking for a team to fully manage the security of your WordPress website instead of an automated system, WP Buffs implement and optimize iThemes Security Pro on your website for free as part of our care plans. So that’s always an option!

But if you’re not interested in bringing on help or want to tackle this problem yourself, the next steps are below.

5. Restore A Previous Version

If you’ve made a habit of backing up your site, this could be the golden moment for you. You must restore a version of your website from before the hack.

When you restore an old backup of your site, always remember that your entire website will revert to that version. Any content that you published, images you added to a gallery or general changes you made to the website will be lost. But that’s most likely worth it to get a clean website back.

After you successfully restore the old version of your website, remember that it’s still vulnerable to attack! Time to add some serious security features to your site to avoid any malicious activity going forward.

If restoring your website will remove too many valuable changes, it’s possible to do a manual clean of your code as well.

6. Scanning & Removal of Malware

If any plugins or themes are not updated regularly, then there’s a chance that hackers could use outdated files to access your WordPress website. Once they’re in, they can then create a backdoor to more easily access your website in the future.

A backdoor refers to a method of bypassing normal authentication and gaining the ability to remotely access the server while remaining undetected.

The first job for a smart hacker is to establish a backdoor so that he can regain access after you locate and remove the first point of entry (usually a vulnerability in an outdated plugin or theme). That’s why it’s so important to have a WordPress security audit log plugin installed on your website so you can track any changes made to your website in real-time.

One of the best ways to avoid hackers accessing your website through outdated plugin or theme files is simply to keep everything up-to-date! Many plugin updates become available specifically because an older version had a security flaw, so updating will help you avoid this altogether.

To help you pinpoint any backdoors or malicious code installed on your website without your permission, always install and activate a WordPress security plugin that will regularly scan your website. Plugins like iThemes Security will easily find the location of the backdoor and then you can remove it manually.
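For a manual pass alongside a scanner plugin, the sketch below is an added example (not code from WP Buffs or iThemes Security) that walks a WordPress directory and lists PHP files worth reviewing by hand. The three heuristics, the function names and the sample tree are assumptions made for illustration; a hit means "look at this file", not "this is malware".

```python
import os
import re
import tempfile
import time
from pathlib import Path

# Constructed heuristic: eval/assert wrapped around a decoder call. Illustrative, not exhaustive.
OBFUSCATION = re.compile(
    rb"(eval|assert)\s*\(\s*(base64_decode|gzinflate|str_rot13)\s*\(", re.I)

def triage(wp_root, changed_since):
    """Return {relative_path: [reasons]} for PHP files that deserve a manual review."""
    findings = {}
    uploads = os.path.join("wp-content", "uploads")
    for dirpath, _dirs, files in os.walk(wp_root):
        for name in files:
            if not name.lower().endswith((".php", ".phtml")):
                continue
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, wp_root)
            reasons = []
            if rel.startswith(uploads + os.sep):       # uploads normally holds media only
                reasons.append("php-in-uploads")
            if os.path.getmtime(full) > changed_since:  # changed after the last clean backup
                reasons.append("modified-after-backup")
            if OBFUSCATION.search(Path(full).read_bytes()):
                reasons.append("obfuscated-eval")
            if reasons:
                findings[rel.replace(os.sep, "/")] = reasons
    return findings

def demo():
    """Build a small constructed site tree (inert sample files) and triage it."""
    root = tempfile.mkdtemp()
    t0 = time.time() - 3600                    # pretend the last clean backup was an hour ago
    samples = {
        "wp-includes/version.php": (b"<?php $wp_version = 'x';", t0 - 86400),
        "wp-content/plugins/old-plugin/helper.php": (b"<?php echo 'ok';", t0 + 60),
        "wp-content/uploads/2018/06/img.php": (b"<?php eval(base64_decode('ZWNobyAxOw=='));", t0 + 120),
    }
    for rel, (body, mtime) in samples.items():
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(body)
        os.utime(path, (mtime, mtime))
    return triage(root, t0)

if __name__ == "__main__":
    print(demo())
```

File modification times can be reset by whoever changed the file, so treat the timestamp check as a hint and compare flagged plugin or theme files against a fresh copy from the original source.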

7. Check Your User Permissions

You must check the user permissions of all your WordPress users. Double check that only you and your team members have access to admin accounts and that the permissions of other users haven’t been tampered with.

If you find any suspicious new users, remove them immediately.

8. Change Passwords and Secret Keys

Be sure to change all the passwords related to your WordPress site. That includes the password to access your WP dashboard, cPanel, MySQL database, FTP and any others that could help someone access your website.

If a password generator is available, be sure to use it to ensure your password is strong, unique and not easy for a hacker to guess.

Then, change your secret keys and salts to ensure that your WordPress website is safe and secure. The iThemes Security plugin makes this extremely easy!
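If you would rather rotate the keys by hand, the following added example (not the iThemes Security plugin's code) shows what the change amounts to: each of the eight key and salt `define()` lines in wp-config.php gets a new random value. The function name `rotate_salts`, the character set and the sample config fragment are assumptions made for this illustration.

```python
import re
import secrets
import string

KEYS = ("AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
        "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT")
# Quote and backslash characters are left out so the PHP string needs no escaping.
ALPHABET = string.ascii_letters + string.digits + "!#%()*+,-./:;<=>?@[]^_{|}~ "
DEFINE = re.compile(
    r"""^(\s*define\(\s*['"](%s)['"]\s*,\s*)(['"]).*\3(\s*\)\s*;.*)$""" % "|".join(KEYS),
    re.MULTILINE)

def rotate_salts(config_text):
    """Return (new_text, missing): every key/salt define gets a fresh 64-char value."""
    seen = []

    def fresh(match):
        seen.append(match.group(2))
        value = "".join(secrets.choice(ALPHABET) for _ in range(64))
        return f"{match.group(1)}'{value}'{match.group(4)}"

    new_text = DEFINE.sub(fresh, config_text)
    missing = [k for k in KEYS if k not in seen]   # defines the file never had
    return new_text, missing

# Constructed wp-config.php fragment: two values still at the sample default, NONCE_SALT absent.
SAMPLE = """<?php
define( 'DB_NAME', 'example_db' );
define( 'AUTH_KEY',         'put your unique phrase here' );
define( 'SECURE_AUTH_KEY',  'old-secure-auth-key' );
define( 'LOGGED_IN_KEY',    'old-logged-in-key' );
define( 'NONCE_KEY',        'old-nonce-key' );
define( 'AUTH_SALT',        'put your unique phrase here' );
define( 'SECURE_AUTH_SALT', 'old-secure-auth-salt' );
define( 'LOGGED_IN_SALT',   'old-logged-in-salt' );
$table_prefix = 'wp_';
"""

if __name__ == "__main__":
    text, missing = rotate_salts(SAMPLE)
    print(text)
    print("missing defines:", missing)
```

Replacing these values invalidates every existing login cookie, so all users, including anyone holding a stolen session, have to log in again with the new passwords.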

We’re big fans of iThemes, but read CollectiveRay’s Wordfence vs Sucuri comparison if you’re deciding between those two plugins.

After taking these steps, the hack has been cleaned and your WordPress website is secure. But that doesn’t mean that they won’t try it again. WordPress security has to be a continuous effort because those with malicious intent will never stop trying to gain access to your site.

In addition to maintaining your own WordPress site, it’s time to take security into your own hands and learn what it takes to keep your site safe.
