Discovering your WordPress site has been hacked can be a heart-stopping moment for any website owner.
Over the years, we’ve not only heard from countless readers facing this nightmare scenario, but we’ve also directly helped users in recovering their hacked websites.
What I’ve seen happen so often is that a website owner cleans up their site on their own, only to get hacked again. There’s a reason for this, which I’ll explain in this guide.
I’ll walk you through, step by step, how to identify a hack, fix it, and fortify your website so that there’s no chance of getting hacked again.
The Best Way to Fix A Hacked Website
Trying to clean a site yourself can sometimes be a process of trial and error, which can be time-consuming and may not guarantee a thorough cleanup.
While it can be tempting to try to fix a hacked WordPress site yourself for free, I recommend using a professional service or plugin because there are serious consequences to a hacked site:
- Loss of traffic and revenue as search engines blacklist your site
- Theft of sensitive customer data, leading to legal issues and loss of trust
- Damage to your brand’s reputation that can take months or years to rebuild
- Malware spreading to your visitors’ devices, further damaging your credibility
- Potential loss of all your content if backups aren’t in place
Most troubling of all, if your web host detects that your site is infected, they will immediately take it offline to safeguard their servers and other customers.
Added to this, if Google and other search engines detect malware on your site, they’ll blacklist your site and display a warning to users that your site could be harmful. So users won’t be able to access your website.
If you don’t clean up your site properly and you get reinfected, you risk being banned by your web host. It also becomes that much harder to get your site taken off Google’s blacklist.
Investing in professional help can save you time, clean up the hack fast, and ensure that your site is not only clean but also fortified against future attacks.
Some hacks can be particularly complex, involving advanced persistent threats or rootkits that are difficult to remove without specialized knowledge and tools. Professionals are better equipped to handle such complexities.
So first, I’ll recommend a reliable cleanup service for hacked sites that will handle it for you. Then, I’ll also walk you through the steps of cleaning it up with the help of plugins.
Keep in mind, malware removal and hacked site cleanups will cost money as it is a complex process that takes time and expertise. Whether you choose a professional service or a WordPress plugin, both will charge for malware removal. I haven’t come across any free service yet.
This is why I always (always!) recommend taking strong security measures from the get-go to prevent hacks and vulnerabilities.
That said, let’s take a look at one of the best professional services to repair a hacked site.
WPBeginner Pro Services: Hacked Site Repair
WPBeginner is a well-known resource for WordPress users, offering a wealth of tutorials, tips, and tools to help both beginners and advanced users manage their WordPress websites.
They offer Pro WordPress services like Site Design, Maintenance, and Hacked Site Repair.
WPBeginner’s hacked site repair service is designed to help you recover your WordPress website from malicious attacks. They strive to get your site back to normal as soon as possible, usually within 24-48 hours, but it can take up to 4 days for more complex problems.
Whether you’re dealing with a malware infection, unauthorized access, or any form of cyber-attack, their team of experts offers comprehensive solutions to clean and secure your site.
Their services are by far the most affordable I’ve come across compared to other security platforms that offer the same features. Their plans start at $249.
Key Features
- Thorough Malware Removal: The WPBeginner team conducts a deep scan of your website to identify and remove all malware. They use specialized tools and techniques to ensure that your site is free from malicious code and backdoors.
- Security Audit: After cleaning your site, they perform a detailed security audit to identify any vulnerabilities. This includes checking outdated plugins, themes, weak passwords, and other security loopholes.
- Updates and Patching: Ensuring your WordPress core, themes, and plugins are updated to their latest versions is a critical step in securing your site. WPBeginner handles all necessary updates and patches.
- Cleaned Site Backup: You’ll get a backup copy of your cleaned site that you can store safely for future use.
- Custom Tailored Services: WPBeginner customizes the services you get based on your needs, whether you’re a blogger, small business owner, or eCommerce merchant.
- Fast Response Time: In the event of a hack, time is of the essence. WPBeginner offers prompt service to minimize downtime and restore your site as quickly as possible.
The best part of this is that you’ll get access to an expert support team that you can connect with throughout.
The WPBeginner team consists of seasoned WordPress professionals with extensive experience in handling security issues, ensuring that your site is in capable hands.
Their service doesn’t just stop at removing malware; they take a holistic approach to securing your site, addressing the root cause and fortifying it against future threats.
With WPBeginner handling your hacked site, you can focus on running your business without worrying about the technical intricacies of cybersecurity.
How to Get Started
To avail of WPBeginner’s hacked site repair service, visit their dedicated service page. Choose the Standard or Priority plan based on your needs and follow the instructions to submit a request.
Fix a Hacked Website With WordPress Security Plugins
Cleaning up a hacked WordPress site on your own might seem like a cost-saving measure, but there are several critical reasons why it’s generally not recommended unless you have significant technical expertise.
First, if all traces of malicious elements aren’t removed, your site could quickly become reinfected. You may clean up visible issues but fail to identify and fix the underlying vulnerabilities that allowed the hack in the first place.
Next, the slightest misstep could lead to accidentally deleting or modifying important files, potentially causing more harm to your site.
Even if you clean up the malware, it can be challenging to determine how the hackers gained access, making it hard to prevent future attacks.
Now that we’re clear about the risk, I recommend you proceed with caution. Here’s the step-by-step tutorial you can follow to clean up your site:
Step 1: Identify the Hack
The first step in resolving a hack is to identify that your website has been compromised. Some common signs include:
- Unexpected drops in traffic
- Unauthorized changes to your content
- Website redirects to unknown websites
- Security warnings from your browser
- Unusual server activity or slow performance
The best way to identify a hack is to use tools like Google’s Safe Browsing tool, security plugins like Wordfence or Sucuri, and your hosting provider’s security scanner.
You can also scan your site for free. Simply paste your site’s domain URL here » IsItWP Free Security Scanner.
If these scanners detect malware, they will display a warning.
If you see such a warning, it’s time to take action.
Step 2: Take Your Site Offline
To prevent further damage and stop the spread of malware, take your site offline. You can use a plugin like SeedProd to enable maintenance mode in just one click.
You just have to switch on the toggle button to activate maintenance mode, and the plugin will display a custom maintenance page to anyone who visits your site during this time.
What I love about SeedProd is its template library of ready-made maintenance mode pages. You can quickly customize them and display them on your site. Learn how to set up a temporary maintenance page here.
This will inform your users that the site is undergoing maintenance and will be back soon.
Step 3: Try a Backup Copy
Once you identify that your site has been hacked, try restoring your backup copy if you have one.
If you’ve used a backup plugin like Duplicator, you’ll see an option to restore your backup.
This may work in some cases. But most hackers know how to plant backdoors, and if the backdoor was already in place when the backup was taken, restoring that backup brings the backdoor back and your site gets reinfected.
I don’t recommend relying on this method. If you are in a rush to get your site back, restoring the backup might get your site online while you troubleshoot, but it is not a substitute for a proper cleanup.
If you have no backup copy at all, I recommend backing up your site now before you make any changes. This simply creates a fallback option if anything goes wrong during the cleanup process.
You can take a backup with your hosting provider or by using a WordPress Backup Plugin.
Step 4: Change All Passwords
Immediately change the passwords for your WordPress admin account, hosting account, FTP/SFTP access, and associated email accounts. Encourage all users with access to your site to do the same. Use strong passwords that include a mix of letters, numbers, and special characters.
In some cases, you may be locked out of your WordPress admin account. You’ll have to contact a professional service to help you since you won’t be able to install a security plugin.
Step 5: Scan and Remove Malware
Use a reliable and trustworthy security plugin to scan your site for malware. These tools can often detect malicious code and help you remove it. Here are the ones I recommend:
- Sucuri: A comprehensive security platform with a malware scanner and a firewall. They offer a malware removal and cleanup service that starts at $199 per year.
- Malcare: A security plugin with malware scans, backups, and instant malware removal that starts at $149 per year.
Be thorough and follow the instructions provided by the plugin to clean up infected files.
I can’t stress this enough: incomplete removal of malware can lead to recurring infections. If even a small piece of malicious code is left behind, hackers can easily reinfect your site.
Step 6: Restore Clean Versions of Files
If the malware removal process leaves you with corrupted or incomplete files, restore clean versions from a previous backup.
You also need to replace core WordPress files with a fresh installation copy that you can download from the official WordPress.org website.
You need to be extra careful here. Mishandling the cleanup process, such as improperly restoring files or the database, could lead to data loss or corruption.
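Before and after replacing core files, it helps to know exactly which files differ from the official release. Here is an added Python example (not from this article or from WPBeginner) that compares an install against a checksum manifest in the shape returned by the WordPress.org core checksums API (https://api.wordpress.org/core/checksums/1.0/?version=<version>&locale=en_US); the manifest and files below are constructed in a temporary directory, and the rule that wp-admin and wp-includes should contain only manifest-listed files is an assumption of this check.

```python
import hashlib
import os
import tempfile

# Core directories that should contain only files listed in the manifest
# (assumption; wp-content and wp-config.php are site-specific and not covered).
CORE_DIRS = ("wp-admin", "wp-includes")

def md5_of(path):
    # MD5 is the digest the WordPress.org checksums API publishes.
    with open(path, "rb") as f:
        return hashlib.md5(f.read()).hexdigest()

def verify_core(root, checksums):
    """checksums: {"relative/path": "<md5>"} as in the API's "checksums" object."""
    modified, missing, unexpected = [], [], []
    for rel, expected in sorted(checksums.items()):
        path = os.path.join(root, rel)
        if not os.path.isfile(path):
            missing.append(rel)
        elif md5_of(path) != expected:
            modified.append(rel)
    # Files in core directories that the manifest does not list are a
    # classic place for dropped backdoors, so report them as well.
    for d in CORE_DIRS:
        for dirpath, _, files in os.walk(os.path.join(root, d)):
            for name in files:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                if rel not in checksums:
                    unexpected.append(rel)
    return {"modified": modified, "missing": missing,
            "unexpected": sorted(unexpected)}

def demo():
    """Constructed install: one tampered, one deleted and one planted file."""
    root = tempfile.mkdtemp()
    clean = {"index.php": b"<?php require 'wp-blog-header.php';\n",
             "wp-admin/index.php": b"<?php require_once 'admin.php';\n",
             "wp-includes/version.php": b"<?php $wp_version = '6.5';\n"}
    manifest = {rel: hashlib.md5(body).hexdigest() for rel, body in clean.items()}
    on_disk = {  # index.php is deliberately absent (simulates a deleted core file)
        "wp-admin/index.php": clean["wp-admin/index.php"] + b"// tampered\n",
        "wp-includes/version.php": clean["wp-includes/version.php"],
        "wp-includes/extra.php": b"<?php // planted, not part of core\n"}
    for rel, body in on_disk.items():
        os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
        with open(os.path.join(root, rel), "wb") as f:
            f.write(body)
    return verify_core(root, manifest)
```

Anything reported as modified or unexpected inside wp-admin or wp-includes is exactly what the fresh core copy should overwrite or remove.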
Step 7: Reinstall Plugins and Themes
For each plugin and theme, install fresh copies from the official WordPress repository.
If you’ve used a premium plugin or theme, then make sure you get fresh files from the developer.
Avoid reusing compromised files. Avoid using nulled or pirated plugins/themes, as they often contain malware. Verify the source and credibility before installation.
See our list of recommended plugins for WordPress sites that are trustworthy.
Step 8: Bring Your Site Back Online
After ensuring your site is clean and secure, take it back online. You can do this by simply disabling the maintenance mode in SeedProd.
Make sure you delete any backup copies that might be infected. If you’ve created staging sites at any time, make sure you delete those as well and start fresh.
Monitor your WordPress site closely for any unusual activity over the next few days and weeks. Run malware scans regularly to make sure your site isn’t infected again.
Post-hack Precautions
To prevent future hacks, here’s what I recommend:
- Install a security service or plugin that offers 24/7 monitoring, scanning, and a robust firewall (WAF) to prevent bad bots and known hackers from accessing your site
- Install a valid SSL certificate on your site
- Enable two-factor authentication (2FA)
- Remove plugins and themes you aren’t using
- Regularly update passwords
- Limit login attempts
- Disable file editing in the WordPress dashboard
- Regularly back up your site and store backups offsite
- Schedule regular security scans and updates
- Educate your team about cybersecurity best practices
- Monitor server logs for suspicious activity
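One way to act on the last point: an added Python example (not from this article) that scans access log lines in the Apache/nginx combined format for two WordPress-specific indicators, repeated POSTs to wp-login.php from a single address (the brute-force pattern that limiting login attempts addresses) and requests for .php files under wp-content/uploads, a directory that should never serve PHP. The sample log lines, addresses and the threshold of 3 are constructed for the example.

```python
import re
from collections import Counter

# Apache/nginx "combined" log format: ip ident user [time] "METHOD path proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

# Constructed sample: one address hammering the login form, one request
# for a PHP file inside the uploads directory, and normal traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [12/May/2024:10:01:01 +0000] "POST /wp-login.php HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
203.0.113.7 - - [12/May/2024:10:01:02 +0000] "POST /wp-login.php HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
203.0.113.7 - - [12/May/2024:10:01:03 +0000] "POST /wp-login.php HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
203.0.113.7 - - [12/May/2024:10:01:04 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.9 - - [12/May/2024:10:02:10 +0000] "GET /wp-content/uploads/2024/05/cache.php?p=1 HTTP/1.1" 200 88 "-" "curl/8.0"
192.0.2.44 - - [12/May/2024:10:03:00 +0000] "GET /wp-content/uploads/2024/05/photo.jpg HTTP/1.1" 200 40211 "-" "Mozilla/5.0"
192.0.2.44 - - [12/May/2024:10:03:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

def parse(log_text):
    """Yield one dict per parseable line; malformed lines are skipped."""
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m:
            yield m.groupdict()

def find_suspicious(log_text, login_threshold=3):
    """Return ({ip: login POST count} at/above threshold, [(ip, path, status)] PHP hits in uploads)."""
    login_posts = Counter()
    php_in_uploads = []
    for rec in parse(log_text):
        path = rec["path"].split("?", 1)[0]  # compare the path without its query string
        if rec["method"] == "POST" and path.endswith("/wp-login.php"):
            login_posts[rec["ip"]] += 1
        if path.startswith("/wp-content/uploads/") and path.lower().endswith(".php"):
            php_in_uploads.append((rec["ip"], rec["path"], rec["status"]))
    brute = {ip: n for ip, n in login_posts.items() if n >= login_threshold}
    return brute, php_in_uploads

if __name__ == "__main__":
    brute, hits = find_suspicious(SAMPLE_LOG)
    print("repeated wp-login.php POSTs:", brute)
    print("PHP served from uploads:", hits)
```

A PHP hit under uploads answered with 200 means the server executed a file that the cleanup should have removed, so it is worth treating as a reinfection signal rather than noise.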
I hope you found this guide helpful.
Always make sure your website is hosted with a reputable web hosting provider that takes security seriously. Bluehost, SiteGround, and Hostinger are web hosts that offer top-notch services, great site speed and performance, and robust infrastructure with all the necessary security measures.
Also, here are the Best WordPress Support Agencies that might come in handy when you need help with your site.