What to do if your WordPress site gets hacked?

Posted 23rd October, 2019 by Nadejda

Sadly, when running your own website there is always the possibility of getting hacked. We are aware how stressful this is and the negative impact it can have on your business. In this article, we will provide you with a step-by-step guide on what to do if you fall victim to hackers.

First and foremost, don’t panic! Contact a professional.

Your online security is a very serious matter, especially if your business and reputation depend on it. This is why we recommend that the first thing you do is stay calm and get in touch with a professional to check the problem for you. Sites have been hacked before; it’s not the end of the world. Our Fixed team has plenty of experience with hacked websites and we are excellent at locating and fixing such issues in a fast and efficient way.

Maintenance Mode

If you decide to handle the matter yourself and you are confident in your own skills, then this is what you need to do. You don’t want visitors seeing the state of your site while you are trying to fix it.

If you can, put it into maintenance mode.

If you cannot log in to your site at the moment, put it into maintenance mode as soon as you can. Once this is done you can relax knowing people will not be aware of what’s going on with your website.

Reset all passwords

Because you cannot be sure which password was compromised and used to gain access to your website, change all of them to be on the safe side. This will prevent the hacker from using them. Change your database password, your hosting provider password and your SFTP password as well.

All admins of your site need to reset their passwords.

Update Themes and Plugins

The next important step is to check if all themes and plugins are up to date. Go to Dashboard – Updates and update everything outdated on your website.

Do this before attempting other fixes, because if your theme or plugins make your site vulnerable, other fixes you make could be undone by this vulnerability. Before you proceed make sure everything is up to date.

Remove users

If you see admin accounts on your website that were not there before, you need to remove them. Check with the other admins whether they have made any changes to their details and, if they haven’t, delete the unknown accounts.

Remove unwanted files

Use a security plugin to scan your website and see if there are any files that shouldn’t be there. The one we recommend is called Cerber – it does regular file integrity checks and it’s super useful.
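To show what a file integrity check does, here is an added example (not code from this article or from the Cerber plugin). It compares a live install with a freshly downloaded copy of the same WordPress version and reports changed, extra and missing core files, plus scripts in the uploads folder. The function names, report keys and the two directory arguments are assumptions made for the illustration.

```python
import hashlib
import sys
from pathlib import Path

# Files every live site has but a clean WordPress download does not.
SITE_SPECIFIC = {"wp-config.php", ".htaccess"}
# Extensions that should never appear under wp-content/uploads.
SCRIPT_EXT = (".php", ".phtml", ".phar")

def sha256(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def index(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256(p)
            for p in root.rglob("*") if p.is_file()}

def audit(live_root, clean_root):
    """Compare a live install with a clean copy of the same version."""
    live, clean = index(live_root), index(clean_root)
    report = {"modified": [], "unexpected": [], "script_in_uploads": []}
    for rel in sorted(live):
        if rel in clean:
            if live[rel] != clean[rel]:
                report["modified"].append(rel)   # differs from the clean copy
        elif rel.startswith("wp-content/uploads/"):
            if rel.lower().endswith(SCRIPT_EXT):
                report["script_in_uploads"].append(rel)
        elif rel.startswith("wp-content/"):
            continue  # third-party themes/plugins: check against vendor copies
        elif rel not in SITE_SPECIFIC:
            report["unexpected"].append(rel)     # not part of core at all
    # Deleted core files (bundled themes/plugins may be removed legitimately).
    report["missing"] = sorted(r for r in clean
                               if r not in live and not r.startswith("wp-content/"))
    return report

if __name__ == "__main__":
    # Usage: python audit.py /path/to/live/site /path/to/clean/wordpress
    for kind, files in audit(sys.argv[1], sys.argv[2]).items():
        for rel in files:
            print(f"{kind}\t{rel}")
```

Run it against a copy of the site pulled down over SFTP. Third-party themes and plugins are skipped on purpose and need the same comparison against their own clean packages.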

Clean out your sitemap and Resubmit to Google

Search engines can red-flag your website because of the sitemap.xml file. You need to regenerate your sitemap with the help of an SEO plugin like Yoast. You also need to notify Google that your site is now clean. Add your site to Google Search Console and submit a sitemap report telling Google you wish your site to be crawled. Be advised the process can take up to two weeks, so be patient.

Reinstall Themes and Plugins

If you are still facing problems with your site, all themes and plugins which are not updated need to be reinstalled. Go to the Themes and Plugins pages and reinstall them. If your site is not in maintenance mode, do that first.

If you bought the theme or plugin from a vendor and you are not sure it’s secure enough, it’s a good time to consider whether you should be using it. If you installed a free plugin or theme from somewhere other than the WordPress theme or plugin directories, don’t reinstall it. Instead buy the legitimate version or install it from the theme or plugin directory. If you can’t afford it, simply replace it with a free version which does a similar job.

Reinstall WordPress Core

If all other options fail, reinstall WordPress. If your files have been compromised, you need to replace them with a clean WordPress installation. Upload your new WordPress files via SFTP, overwriting the old ones. It’s good to take a backup of your .htaccess and wp-config.php files in case they are overwritten.

Clean out your Database

If your database was hacked, you need to clean it as well. A clean database will have less stale data taking up space, which will make your site run faster. How do you know if your site’s database has been hacked? Use your security plugin to run a scan, which will tell you if your database was compromised.


Was this article useful? Share your tips and comments below.

Categories: WordPress, Website Security