Recovering A Hacked WordPress Site

WordPress is one of the most popular content management systems. More than ⅓ of websites use it, and it’s easy to see why. WordPress is free, user-friendly, and has many useful features. Unfortunately, it’s not immune to cyber-attacks.

WordPress websites have one of the highest numbers of vulnerabilities and are among the favorite websites among hackers. Fortunately, there are some things you can do to make your site more secure.

If you’d like to learn more about your website security, and other WordPress-related topics, you can visit The Web Monkey. They have plenty of useful information and tips on how you can improve your website’s defense.

But what if it’s too late and you’ve already been hacked? If that’s the case, you’ve come to the right place. Here are a few useful tips to help you with recovering a hacked WordPress site.

Identify the Cause

When it comes to hacker attacks, you need to remain as calm as you can. Seek your inner Dr. House and treat your website as an infected patient. That’s why the first thing you should do is to find the cause of the attack.

And how can you do that? By checking your website’s symptoms, of course. See, if you can:

  • Login to your admin panel
  • Access your website without being redirected to another site
  • Check whether your site contains any suspicious-looking links
  • Find out if Google defines your website as insecure

Check any of these symptoms, and write them down. Doing that will help you in identifying the cause of the attack. It can also come in handy when recovering your site step by step.

A good idea is also to check with your hosting company. Maybe they’ll tell you more about the attack and help you during the recovery process.

Recover Your Backup

Cyber attacks are among the leading causes of why you should always make regular backups of your websites. The frequency may depend on how much and how often do you post on your page. Nevertheless, they’re essential if you want your site back.

Choose the right backup from any time before the attack, and restore your website with it. But what if you don’t have your backup? Well, then you can try and remove the hack step by step.

It’s a much longer and more complicated way, and it may not bring you peace of mind. Why? Because when it comes to cyberattacks, it’s hard to detect every piece of malware, especially if you do it yourself.

Seek and Destroy

Have you ever heard of the backdoor method? People refer to it as a hackers way to bypass the website’s standard authentication remotely and undetected. That’s why, when restoring your WordPress site, you should delete all inactive plugins and themes.

Why? Because there’s where hackers hide their backdoors. Unfortunately, deleting them is not enough. You should also scan your websites for any potential hacks.

After you scan and detect any hacks, you have two options. You can either delete the hack manually or replace it with the original file from your backup.

There are many useful tools for scanning and authentication you can use, so it’s essential that you do your research and find the one that suits you best.

Change Your Passwords and Secret Keys

Changing your passwords is essential if you want to retake control of your website. When it comes to WordPress, you should update not only your primary password, but also cPanel, FTP, and MySQL passwords.

Also, don’t change your password from 123 to 1234. Make sure that your password is firm and hard to break. Otherwise, you may expect another attack anytime soon.

In addition to changing your passwords, you should always adjust your secret keys. They encrypt your passwords and keep them hidden from snoopy eyes.

Strengthen Your Defence

Congratulations, you’ve successfully recovered your hacked WordPress site. Now it’s time for you to make sure that you stay safe. There are a few things you should do to lower the chances of another hacker attack:

  • Do your backup regularly
  • Change your passwords and make them strong
  • Install a reliable firewall
  • Limit login attempts in WordPress
  • Disable theme and plugins editors
  • Set the correct file permissions

Of course, these are just a few examples of things you can do. Still, they’re crucial to ensuring that your website stays safe. You know what people say, prevention is better than cure.


The risk of cyberattacks is incredibly high for every website owner. There are things you can do to lower these chances, but you can never be 100 percent sure. That’s why it’s essential to know how to proceed when your WordPress site gets hacked.

Keep in mind that they may seem easy, but recovering your stolen data is not a piece of cake. That’s why, if you don’t feel comfortable about meddling with codes and servers, you can always seek help from online security experts.

Unfortunately, their services are costly, so it’s crucial to know at least some basics about recovering your website.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...