My website got hacked. What do I do now?
I woke up this morning and my WordPress site shows a completely different page — some gambling site. My hosting provider suspended my account. I have no idea how this happened. I need to fix this ASAP. Please help.
1 Answer(s)
Okay, don't panic. This happens to thousands of sites every day and it's fixable. First, do NOT try to clean it yourself if you don't know what you're doing — you can make it worse. Here's the step-by-step recovery plan.
Step 1: Change ALL your passwords immediately. WordPress admin, hosting panel, FTP, database — everything. Use strong passwords with a password manager.
Step 2: Take your site offline if it's still up, or keep it suspended. Don't let visitors see the hacked content.
Step 3: Install Wordfence or Sucuri (free versions are fine). Run a full scan. These plugins will find malicious files, backdoors, and modified core files.
Step 4: Delete any themes or plugins you didn't install. Hackers often hide backdoors in nulled plugins. Update everything to the latest version.
Step 5: Restore from a backup if you have one. If not, reinstall WordPress fresh, then restore your content from a clean backup. Going forward, use a security plugin, enable 2FA, and update everything weekly.