
How to Recover from a WordPress Hack Safely and Fully

It feels personal—but it’s not. Hacks happen to the best of us.

Why It Matters

A hacked site can destroy your traffic, reputation, and revenue.
Knowing how to respond (and prevent future damage) makes all the difference.
whywp.com was built to help users like you make smarter decisions with confidence.


Step 1: Identify the Hack

Clues your site’s compromised:

  • Homepage is defaced
  • You’re redirected to spam/pharma sites
  • Google shows a warning
  • Hosting provider suspends your account
  • New users or code you didn’t add

Use Sucuri SiteCheck or Wordfence’s scanner to confirm.


Step 2: Put the Site into Maintenance Mode

Stop the bleeding. Use a plugin or .htaccess rules to block public access while you clean up.


Step 3: Back Up the Current (Hacked) State

Why back up a hacked site? For forensic review and in case you break things during cleanup.
Use a tool like All-in-One WP Migration to capture everything.


Step 4: Clean or Restore

Option A: Restore a Clean Backup

If you know when the hack happened and have a clean backup, restore it.
Then update all plugins, themes, and core.

Option B: Manual Clean-Up

  • Remove suspicious admin users
  • Replace core files from a fresh WP download
  • Scan with a tool like MalCare
  • Check wp-config.php and .htaccess for injected code
  • Replace theme and plugin files manually
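
Before replacing core files, it helps to know which ones actually differ from a fresh download. The script below is an added example, not part of the original article or of any tool it names: it hashes a site copy against a clean WordPress tree and lists modified, missing, and unexpected files. The function names and sample trees are hypothetical, and it assumes the fresh download is the same WordPress version as the site.

```python
import hashlib
import tempfile
from pathlib import Path

SKIP_DIRS = {"wp-content"}                      # themes, plugins, uploads: replaced separately
SITE_SPECIFIC = {"wp-config.php", ".htaccess"}  # no pristine copy exists; read these by hand

def _hashes(root):
    """Map relative path -> SHA-256 for every file under root, skipping wp-content."""
    root = Path(root)
    out = {}
    for p in root.rglob("*"):
        rel = p.relative_to(root)
        if p.is_file() and rel.parts[0] not in SKIP_DIRS:
            out[rel.as_posix()] = hashlib.sha256(p.read_bytes()).hexdigest()
    return out

def compare_core(site_root, clean_root):
    """Compare a site copy against a fresh download of the same WordPress version."""
    site, clean = _hashes(site_root), _hashes(clean_root)
    return {
        "modified": sorted(f for f in clean if f in site and site[f] != clean[f]),
        "missing": sorted(f for f in clean if f not in site),
        "unexpected": sorted(f for f in site if f not in clean and f not in SITE_SPECIFIC),
        "review_by_hand": sorted(f for f in site if f in SITE_SPECIFIC),
    }

def demo():
    """Constructed sample trees standing in for the hacked site and the fresh download."""
    tmp = Path(tempfile.mkdtemp())
    trees = {
        "clean": {"index.php": "<?php // core", "wp-includes/version.php": "<?php // v",
                  "wp-admin/admin.php": "<?php // admin"},
        "site": {"index.php": "<?php // core", "wp-includes/version.php": "<?php // v CHANGED",
                 "wp-includes/cache-x.php": "<?php // not in core", "wp-config.php": "<?php",
                 ".htaccess": "# rules", "wp-content/themes/t/style.css": "body{}"},
    }
    for name, files in trees.items():
        for rel, body in files.items():
            path = tmp / name / rel
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text(body)
    return compare_core(tmp / "site", tmp / "clean")

if __name__ == "__main__":
    for kind, files in demo().items():
        print(kind, files)
```

Run compare_core against the backup taken in Step 3 rather than the live site, so the evidence stays untouched while you work out what to replace.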

Step 5: Change All Passwords

Every single one:

  • WP Admin
  • Hosting control panel
  • FTP
  • Database
  • Your email (just in case)

Step 6: Harden the Site

Use your security plugin to:

  • Enable two-factor authentication
  • Limit login attempts
  • Disable file editing from WP admin
  • Set file permissions properly

Step 7: Request a Google Review

If your site was blacklisted or flagged, use Google Search Console to request reconsideration after cleanup.


Final Takeaway

Recovery is painful—but it’s doable. Follow the steps, take your time, and learn from it. And when you’re ready, whywp.com can help you build a stronger fortress for the future.


FAQ Section

Can my site get reinfected?

Yes—if you don’t find the entry point and fix it.

What if I don’t know how I got hacked?

Use logs and scanner tools to trace vulnerabilities. Or hire a cleanup service.

Should I tell my users?

If personal data was exposed, yes—legally and ethically.

Is restoring from backup always enough?

Not if the backup includes the malware. Test it before going live.

Can my hosting company help?

Good hosts often assist with cleanup. Some have malware removal as part of their plans.


Written by Chet from The Editorial Team.