If your website has been hacked, and if you can still access the backend, here are a few tips to get it back online.

Reinstall WordPress

Under updates, press the "Reinstall Now" button.

Re-install Now

Alternatively, you can download WordPress, removing the wp-content folder from the download and uploading it via FTP.

Replacing the WordPress file structure will remove any malware in the basic file structure.

Remove Unused WordPress Themes

Remove any unused themes in your themes folder will quickly remove hidden malware files.

Unused Themes

Reinstall Plugins

Replace, reinstall, or remove your plugins. If you have deactivated plugins, you can delete those. The biggest takeaway is to have a clean plugin folder.

Reinstall Plugins

Scrutinize your Media Folder

Go through your media folders looking for rouge PHP files; you should only find image files. If you find an index.php file, that should be there, but it should be empty.

Inspect your Wp-Config.php + Index.php files

If you see a lot of code injected into the top of wp-config & index.php files that make zero sense, it's most likely spam. If you aren't sure, ask an expert. Otherwise, delete the injected scripts (not the files itself).


Poke around

Just poke around your files, looking for anything that looks suspicious. These are typically files that are unpronounceable.

Malware Code

Update your File + Folder Permissions

Last but most important, update your folder and file permissions. If you are on a shared host or not sure how to do this, ask your hosting provider to update these settings for you.

If you don't, it's like leaving the front door of your house after it's been robbed.

Still, stuck? Contact me for help.