See now how to recover a hacked WordPress sites with this easy-to-follow tutorial and fix this terrible situation that can happen to everyone that’s manage a website.
What will you do when you see the message “Your Website has been hacked”? It is the most challenging situation for a website owner, and your first reaction might be to panic. But in such circumstances, you must think calmly and make decisions studiously. Even if you have no backups, there is still possible that you can restore your website to its original fate. Away from the hacker.
This blog post will teach us how to recover when you hack a WordPress site. You must keep calm and collected to encounter the situation as quickly as possible. Otherwise, you can get into a trap in the worst case.
Suppose you don’t have the time or experience to deal with a hacked WordPress site. We strongly suggest you seek help from a WordPress malware removal service. That will clean your website, secure it and provide a 3-month hack-free guarantee.
How To Recover Hacked WordPress Sites?
You take a few deep breaths and then run an antivirus/malware scanner on your computer. So, ensure you didn’t get hacked by occupying information siphoned from your computer.
The next step depends on this question “Do you have a backup for your website”?
If Your Website Does Not Have a Backup:
If your site does not have a backup, you must work harder to restore your site. So, we don’t need to worry, as you can return to your site the way it was. You just need to follow these steps:
You Can Scan for Malware by Using a Website Scanner
To do this quickly, you can use a site scanner like Sucuri. If your site displays any results for malware, you need to stay focused and move instantly. No one wants their website flagged by Google or lose potential readers or visitors.
Optional: You Can Delete Index File, Admin Area
If you can’t locate the source instantly, you can easily delete the index file by FTP. In addition, you may need to delete the WordPress admin area through FTP. Optional: you can also upload a custom index file that shows your website is under maintenance. If you think the hacker has access to your site.
If you don’t know your WordPress version or don’t have the latest version. You have to search that out by detecting version.php in the wp-includes folder, and there you can see something like “$wp_version = ‘4.1.1’”. You need to know your WordPress version to replace your WP files.
Replace Mysql Username and Passwords with New One
You can do this to ensure that whoever has been able to access your username and password through PHP or SQL won’t be able to crack it again after you replace it with the new username and password.
You just need to access your hosting dashboard, such as a cPanel, and then scroll down and click on MYSQL databases.
Then, cross-check under the appropriate database if any extra users added anything. You can also delete if you find something unusual and then change the password of your user by clicking the user listed under Entitled Users or create a new user with the form.
Clear Away the Old Admin User and Create a New One via phpMyAdmin
First, you need to go to phpMyAdmin and head over to WP_users. Then you can find the offending account (either your old admin user account or a new one if you have been able to insert SQL).
If you want to add fields manually, this will get more complicated, but luckily, you can use a simple piece of SQL to produce all the essential areas for a new admin user.
INSERT INTO `wp_users` (`ID`, `user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`)
VALUES
(NULL , ‘username’, MD5(‘password’), ‘User Name’, ’email@domain.ext’, ”, NOW(), ”, ‘0’, ‘User Name’);
You can also change your WordPress Security Keys To Recover Hacked WordPress Sites
It is easy to change your WordPress security keys, but for this, you need to go to the WordPress salt secret key generator. Then, copy all lines and replace the suitable lines in the wp-config.php file.
If You Have a Backup For Your Website
If your site has a backup, it becomes easier for you to recover your site.
Change the Suitable Passwords and Username If Necessary: MySQL, FTP
Get into your hosting dashboard (such as a cPanel), and go to FTP and MySQL users. If you find any new ones, delete them and then change the password for the relevant user.
Restore your site from the backup using the most suitable method.
Well, this depends on how you backed up your website. Most plugins need you to restore the website to the dashboard, so you may need to create a new admin user to get access if you did it through a plugin.
Change your WordPress Security Keys To Recover Hacked WordPress Sites
This method invalidates cookies, so the hackers don’t stay logged in even after changing the passwords.
Scan for Malware and Backdoors by Using Wordfence
Head to the advanced option and select scan outside WP install and check images as executables.
If you detect any malware or other risks, change all your WordPress passwords again after deleting or replacing the files because the hacker might have hijacked the new login information via the code.
Then follow that up by enhancing your WordPress security by following the easy guide to ensure it doesn’t happen again. And, if your website wasn’t backed up, you had to go a long way to repair your site.
Conclusion To Recover Hacked WordPress Sites
So, in this blog, we explained the simple guide to recovering your hacked WordPress site. In such situations, you need to think calmly and think out the ways that can help restore the site to its original design and feel.