STEPS TO FIX YOUR HACKED WORDPRESS WEB SITE

A hack can have several levels of severity, and the WordPress security checklist below can help you get started on identifying the extent of the issue. You may use our free customized WordPress malware scanner to get a list of issues to resolve for your hacked site. We also provide WordPress malware removal services to quickly repair your website and make it fully secure & hackproof. Below you can find the summarized Steps To Repair Hacked WordPress.

Step 1 - Analyze the problem

Step 2 - Back up your website

Step 3 - Install Security plugin

Step 4 - Fix any errors

Step 5 - Delete WordPress

  • CPanel Uninstall
  • Manual Deletion
  • Manual Delete Database

Step 6 - Check FTP Accounts & Delete unauthorized accounts

Step 7 - Update all themes and plugins

Step 8 - Delete unused plugins and themes

Step 9 - Change passwords and usernames

Step 10 - Check your hosting account file manager for any malware

Step 11 - Back up clean copies of website once all hacked files have been removed

Step 12 - Reinstall WordPress

Step 13 - Restore website with a backup

Step 14 - Rescan website

Step 15 - Take preventative steps to keep hacker from attacking again

Let's Start,

Check the Severity of Attacks

The first step of the hacked WordPress website fix process is to check whether you can log in to your WordPress admin panel. If you are unable to do so, the severity is high and you may require professional help to save time and do a thorough cleanup. If you can still access the WordPress admin panel, you can move forward to the next step of the process. We recommend that you change your WordPress website passwords before you start the clean-up.

Google Site Checker

With the help of Google's safe browsing technology, you can easily check whether a website is a potential danger to you as a user. Another option is Health check, available in the Google console through the "Health" menu item. If Google has already identified a malicious program on the website you visit, you should have received a "This site may be hacked" warning, which will disappear once the site is fixed.

WordPress Scanning and Removal

WordPress Malware Scanner

There are various scanners on the web that can find and remove malware from a website. After the scan, you will get an overview of the problems encountered, such as possible spamming or unauthorized changes to the page. For WordPress users it is possible to apply plugins with useful features such as post list verification, last access and various security notifications.

Hackers often hide their backdoor in themes and plugins in WordPress websites. You should look at your WordPress website and delete any inactive WordPress themes and plugins. You can learn more about the WordPress Backdoor hack. Once you have deleted the plugins, you should rescan your WordPress website to get an updated list of issues. Our free and safe WordPress Scanner will provide the status of all of the core WordPress files to tell you where the hack may be occurring.

WordPress theme security is another important aspect of overall WordPress security, so you must scan your WordPress theme for malware in the first place. The most common places for malware are WordPress theme and plugin directories, wp-content upload directories, wp-config.php, wp-includes directories, and .htaccess files. You should also run your website through a Theme Authenticity Checker, which is linked here. The theme authenticity checker will show a details button next to the theme with the reference to the infected file. It will also show you the malicious code that it found.

Restore your WordPress Website from Backup

If possible, you should restore your WordPress website to an earlier point, when it was not hacked. You can access the steps to back up and restore WordPress manually here. If you are able to restore your website, there's a good chance that you'll have your site back up and running soon. However, the downside is that you risk losing blog posts, new comments, etc. In this case, you may still want to remove the hack manually, depending on how long the site has been hacked and the amount of content you have.

WordPress security plugin

There are several WordPress security plugins for protection against malware, Trojans, and rootkits. When talking about malware in WordPress, you should pay special attention.

Manual control

Another way to find and repair a hacked website is to review it manually. Files of the type .htaccess, .php and multimedia files are very popular among hackers. We advise searching existing directories for base64 encodings; infected files of this type can be easily identified. If you have found malware on a website, you will need to clean your computer of malicious programs and change your FTP logins. If the infected pages need to be cleaned or removed, the CMS must also be reinstalled. A new installation generally eliminates the main problems. However, while the above options can help you find malware and repair a hacked WordPress site, there is no guarantee of success. The constant evolution of cyber attacks makes the IT security landscape unstable. Read more about WordPress malware removal steps here.
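The manual review described above can be partly automated. The following is an added example, not code from this guide or from any scanner it mentions: it walks a WordPress directory and flags PHP and .htaccess files that contain decoder calls or long base64 runs, PHP files under wp-content/uploads, and media files with an embedded PHP tag. The indicator names, the 120-character threshold and the sample tree are assumptions made for the illustration.

```python
import re
import tempfile
from pathlib import Path

DECODERS = re.compile(rb"\b(base64_decode|gzinflate|str_rot13)\s*\(", re.I)
EVAL = re.compile(rb"\beval\s*\(", re.I)
LONG_B64 = re.compile(rb"[A-Za-z0-9+/]{120,}")  # length threshold is an assumption
PHP_EXT = (".php", ".phtml")
MEDIA_EXT = (".jpg", ".jpeg", ".png", ".gif", ".ico")

def scan_bytes(rel, data):
    """Return indicators for one file; rel is its lowercase path under the WordPress root."""
    if rel.endswith(MEDIA_EXT):  # binary media: only look for an embedded PHP tag
        return ["php-in-media"] if b"<?php" in data else []
    hits = []
    if rel.endswith(PHP_EXT) and "wp-content/uploads/" in rel:
        hits.append("php-in-uploads")  # uploads should hold media, not scripts
    if DECODERS.search(data):
        hits.append("eval-with-decoder" if EVAL.search(data) else "decoder-call")
    if LONG_B64.search(data):
        hits.append("long-base64-blob")
    return hits

def scan_tree(root):
    """Map each flagged file under root to the indicators found in it."""
    report = {}
    for path in Path(root).rglob("*"):
        rel = path.relative_to(root).as_posix().lower()
        if path.is_file() and rel.endswith(PHP_EXT + MEDIA_EXT + (".htaccess",)):
            hits = scan_bytes(rel, path.read_bytes())
            if hits:
                report[rel] = hits
    return report

def demo():
    blob = b"QUJD" * 40  # 160 characters of harmless base64 filler
    files = {  # constructed sample tree, not from a real site
        "wp-content/themes/demo/functions.php": b"<?php add_action('init', 'demo');\n",
        "wp-content/themes/demo/footer.php": b"<?php eval(base64_decode('" + blob + b"'));\n",
        "wp-content/uploads/2024/cache.php": b"<?php echo 1;\n",
        "wp-content/uploads/2024/logo.png": b"\x89PNG\r\n<?php echo 1;\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in files.items():
            Path(tmp, rel).parent.mkdir(parents=True, exist_ok=True)
            Path(tmp, rel).write_bytes(body)
        return scan_tree(tmp)
```

Legitimate plugins and WordPress core also call base64_decode, so treat a decoder-call hit as a file to review rather than proof of infection.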

Update / Remove unused plugins and themes

You must update all plugins and themes. Although you can have several plugins on your site, each giving you different functionality, it does not make the same sense to have several themes installed. Delete all the themes you don't use and keep the active theme you are working with updated. This is how we can update themes and plugins. To give you an overview of the process, we have divided it into a few short steps: Do a cleanup on your WordPress site and remove all unused plugins and themes.

Hackers often search for outdated and disabled themes and plugins (even official WordPress plugins) and use them to gain access to your desktop or upload malicious files to your server. Dormant plugins that have not been updated in a while are what they look for, so keeping your plugins updated is one way to help protect yourself. For themes, make sure you don't have extra theme files lying around in your file manager that you're not using; you can only use one theme at a time for your website anyway, so it's a good idea to delete all the others.

Deleting inactive plugins and unused themes also helps keep your website a little faster, because it removes files that take up extra space and could slow the site down. By removing plugins and themes that you stopped using (and probably forgot to update) a long time ago, you reduce risk and make your WordPress site a bit more secure.

Disable file editing

As you know, WordPress has a built-in file editor that allows you to edit PHP files. While this feature is very useful, it can also do a lot of damage. If the attacker gains access to your admin panel, the first thing they will look for is the File Editor. Some WordPress users prefer to completely disable this feature. It can be disabled by editing the wp-config.php file and including the following line of code:

    define( 'DISALLOW_FILE_EDIT', true );

That's all you have to do to disable file editing in WordPress.

IMPORTANT: In case you want to re-enable this feature, use your hosting provider's FTP client or File Manager and remove this code from the wp-config.php file.

Replacing damaged or infected files

Removing malicious code from all infected files is only possible by replacing the damaged files with new generic files. We are going to carry out the following actions in the following order, in an organized manner and without leaving any half-done steps so that no trace of the malware remains:

Once this is done, it is possible that our website is already more or less secure and that we can access it in a normal way through the web browser. Bear in mind that if you have made important modifications to the theme code or the plugin code relative to the originals downloaded from official sources, you are going to lose them and you must make them again.

Reinstall everything

You will need to reinstall the plugins, themes, and WordPress itself after backing up everything. When you extract content from your wp-content folder, only use the image files that you have archived. It is too risky to download Java or PHP files because they can be compromised without your knowledge. Afterward, perform a full virus scan of your computer to make sure that there is nothing more to worry about.

Check User Permissions from WordPress Admin

Do your due diligence when providing access to your WordPress website, and give it only to the correct users in your team. You may check the users section of WordPress to limit the administrator access to your website.

Disable Cookies from WordPress Admin

You must ensure that existing cookies are disabled moving forward to prevent further hacking. Once a user logs in, he or she remains logged in until the cookies become invalid. To invalidate them, first generate a new set of secret keys, then add the newly generated keys to your wp-config.php file.
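Both wp-config.php changes described in this guide, the fresh secret keys from this section and the DISALLOW_FILE_EDIT line from "Disable file editing", can be applied in one pass. The following is an added example, not code from this guide or from WordPress: it assumes the file opens with a `<?php` line and keeps one define per line, and the function names and the sample config are made up for the illustration.

```python
import re
import secrets
import string

KEY_NAMES = ("AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
             "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT")
# Letters, digits and punctuation without quote or backslash, so no PHP escaping is needed.
ALPHABET = "".join(c for c in string.ascii_letters + string.digits + string.punctuation
                   if c not in "'\\")

def set_define(text, name, php_value):
    """Replace the line defining `name`, or add one after the opening <?php line."""
    line = "define( '%s', %s );" % (name, php_value)
    pattern = re.compile(r"^[ \t]*define\(\s*['\"]%s['\"]\s*,.*$" % re.escape(name), re.M)
    if pattern.search(text):
        return pattern.sub(lambda _m: line, text)
    head, sep, rest = text.partition("\n")
    return head + sep + line + "\n" + rest

def harden_config(text):
    """Return wp-config.php text with fresh keys and salts and the file editor disabled."""
    for name in KEY_NAMES:
        secret = "".join(secrets.choice(ALPHABET) for _ in range(64))
        text = set_define(text, name, "'%s'" % secret)
    return set_define(text, "DISALLOW_FILE_EDIT", "true")

def key_values(text):
    """Extract the current value of each key/salt constant (None when absent)."""
    found = dict(re.findall(r"define\(\s*'(\w+)'\s*,\s*'([^']*)'\s*\);", text))
    return {name: found.get(name) for name in KEY_NAMES}

# Constructed sample config (placeholder values, not from a real site).
SAMPLE = """<?php
define( 'DB_NAME', 'example_db' );
define( 'AUTH_KEY',        'old auth key' );
define( 'LOGGED_IN_SALT',  'old salt' );
define( 'DISALLOW_FILE_EDIT', false );
require_once ABSPATH . 'wp-settings.php';
"""

if __name__ == "__main__":
    print(harden_config(SAMPLE))
```

Write the result back only after keeping a copy of the original file; every logged-in user, including you, has to log in again once the new keys are in place.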

Download a new version of WordPress

It is essential to install a new version of WordPress to be sure to get off to a good start. You must also download the latest versions of your plugins, because the hacker may have introduced scripts into your plugins.

Rescan website

WP Hacked Help is the best way to rescan WordPress-based websites online for malware, website blacklisting, injected spam, defects, and malicious code. In no time, we will scan your website and tell you whether it is infected or not. It is one of the best scanners to discover malware, viruses or malicious code present in your theme, WordPress core files, or plugins. Not only do we provide the best WordPress malware removal service, but we also provide expert advice on removing malware from your site without breaking your WordPress website plugins or themes.

Backup clean copies of website files

We are going to use FileZilla for this example. Once you have cleaned your WordPress site of malware, follow these steps:

Change Your Passwords One More Time

For maximum security, you need to update your WordPress password, your cPanel / FTP / MySQL passwords, and the password in any other place where you might have used it. You must ensure that all users who have access to the website have also changed their passwords. We hope this guide helped you repair and fix your hacked WordPress site.

WHAT DO WE SCAN AND WHY

  • We scan your WordPress website for penetration attacks from a 360 degree view, to ensure complete analysis of potential issues.
  • We check with well established blacklists to check if your WordPress website is listed.
  • Our deep scanner performs a thorough analysis to check for signs of infection.

WPHackedHelp has over 15 years of WordPress experience. Our goal is to be the best in WordPress cleanups. Hackers often leave back doors which most clean up services do not clean up. We take advantage of our experience to carefully analyze all of the files to make sure we catch every issue on your WordPress website.
