Recovering a hacked site needs a technical background, but at least, you should learn how to play with necessary precautions.
Hackers keep scanning the Internet for vulnerable targets, such as sites with unpatched security loopholes. In this scenario, admins need to update their websites and keep things safe for avoiding future gaps.
However, when it comes to recovering a hacked WordPress website, you need to get into WordPress features and configurations, as WordPress runs with a structured hierarchy of core files, called Content Management System (CMS).
In today’s write-up, we focus on recovering your hacked WordPress website.
The entire process consists of basic and proactive measures, along with considering WordPress plugins for securing your WordPress site.
Ask yourself first
- When do I need to get worried: When you see new user accounts you didn’t create or experience strange site behavior such as your Home Page redirects to an unknown page, or see a sudden drop in website traffic.
- What do I need for going through the entire process: You should be able to manage basic WordPress options, along with your Hosting cPanel login access, and the ability to create, copy/move and edit/save files in your Hosting cPanel -> File Manager -> Root.
Process: How to recover a hacked WordPress website?
If you see some strange happenings on your WordPress site, it’s time to step forward and secure your website.
Important: You should always keep backing up your site. Usually, after updating your site content (pages, posts, users, database, WordPress themes, uploads, files), you should take your site back up ASAP.
STEP 1: Check your Logins
Logins refer to credential information for Hosting cPanel and WordPress Dashboard.
Proceed to log into your Hosting cPanel and WordPress Dashboard. If you find them OK, get in, and change your login information. If you couldn’t get into accounts, proceed with the next step.
STEP 2: Contact customer support service
Let’s assume that you’ve lost access to your Hosting cPanel and WordPress Dashboard; your next step is to contact customer support at your hosting company and ask them to change or reset the password for your Hosting cPanel. Here is a list of Live Chat support portals of top Hosting companies.
Customer support representative may ask you for verification of your Hosting account. You may need to give them details, including Domain name, address, email, date of birth, and other facts depending on requirements and Hosting company’s policy.
To this line, you should be able to access your Hosting and/or WordPress Dashboard.
STEP 3: Check user accounts
Once you’ve access to your WordPress Dashboard, the USERS page shows a list of user accounts on your site. If you see new accounts you didn’t create, delete them all ASAP and proceed to change the email and password for your WordPress account.
- What if I got access to my Hosting cPanel and not to my WordPress Dashboard? In this case, look for an option that lets you load your WordPress Dashboard from Hosting cPanel. If you couldn’t find any, find the PhpMyAdmin and proceed to change user information.
Finally, you should confirm your email and user accounts are correct on your site profiles (Hosting cPanel and WordPress Dashboard).
STEP 4: Check basic settings in the WordPress Dashboard
After getting access to your WordPress Dashboard, make sure you check the validity for the following factors.
- Permalink structure
- User accounts
- Third-party services such as Google Analytics and Google Search Console profiles
Finally, your goal is to set the default options in your WordPress Dashboard. Don’t forget to save changes at the end.
STEP 5: Use online malware scanners and plugins
After you notice hacking breaches in your site, make sure you scan your website with online scanners. Such web tools help you examine your site for malicious files and suggest the process for removing them safely.
Here is a list of tools you would like to use for scanning your site for possible malware entries.
Pay particular attention to scan results. Make sure you proceed to solve identified threats and get green signals at the end.
Similarly, check your site with security plugins such as WordFence, Sucuri, and Total Security.
STEP 6: Re-install WordPress from scratch
Re-installing WordPress from scratch renews all your site’s core files, removes malware entries, and helps you create your site database from scratch.
Before proceeding, consider the following key points:
- You can proceed to install WordPress from scratch IF you’ve access to your Hosting cPanel -> File Manager. Moreover, you can also continue with the process if you have access to an authenticated FTP session.
- You should be able to proceed with confidence. Proceed if you know how to install WordPress manually from scratch.
- Proceed if you have the latest backup copy of your site. Also, you’ll need to restore your website after finishing the WordPress installation.
- We recommend this process for sites with a low volume of content. Adding, make sure you set the WordPress features after finishing the WordPress installation, such as the Permalink structure.
For more information, head over to the tutorial and learn how to install WordPress manually from scratch.
STEP 7: Hire a professional
If you don’t prefer technical routines, you can hire a professional for recovering your hacked WordPress website.
The best move is to hire someone on sites like Freelancer or Fiverr.
Before you proceed, consider the following aspects.
- You’ll have to pay someone for securing and restoring your WordPress website.
- You may need to provide your site’s login information to Freelancer or someone you’d like to hire. You can allow your admin account or create and deliver a temporary login for testing purposes.
After the tester has done the job, you can verify the integrity of your site with online scanners. Proceed and check your website for remaining gaps.
STEP 8: Proactive measures
The more you focus on proactive measures, the more you play well for your WordPress website. To get started, take care of the following facts and avoid hacking attempts on your site.
- Monitor file changes: Install the WordFence plugin that sends you weekly emails about recent file changes.
- Tighten your site against Dictionary/Brute Force attacks: Use Limit Login Attempts plugin to lock out users who try to break in your site by entering invalid credentials.
- Hide your sensitive assets with Robots.TXT file: A Robots.txt file includes directions to search engine bots, such as instructions to hide or index specific resources on your website.
- Update your WordPress, themes, and plugins on a regular basis.
- Configure Google Alerts: By using the SITE operator, you can keep an eye on newly created resources on your site. This way, you can spot out things you didn’t build on your website.
Last but not least, keep an eye on WordPress security alerts. If you read about a specific recommendation, proceed to patch or remove the particular asset from your WordPress website.
Over to you
It is better to keep things secure, rather than wondering about how to recover a hacked WordPress website.
Once you install a WordPress website, don’t forget to set the Two Factor Authentication feature. Also, install security plugins for enhanced security.
If you can play the role, always prefer to install WordPress from scratch. However, proceed if your site is young and doesn’t have a large volume of content.
Above all, don’t overlook the power of proactive security measures. In addition to it, you can invest a small fee for hiring a professional for securing your WordPress website.
To gain more information, you can proceed to read on how to harden a WordPress website. Also, don’t forget to join the conversation in the comments and let us know about your thoughts on recovering a hacked WordPress website (as a Beginner).