My WordPress Site Was Hacked! What Can I Do to Fix It and Prevent It From Happening Again?

My WordPress Site Was Hacked! What Can I Do to Fix It and Prevent It From Happening Again?

WordPress is the most popular platform for websites. However, it is also the most compromised CMS on the web due to the sheer number of websites.

Even if you have basic protection on your website, people with malicious intent can still find access points through various tricks and loopholes in the code.

If and when that happens, you have to be prepared. In this article, we’ll show you situations from which you can tell you are hacked and what you can do to fix your website and prevent other hacking attempts.

How to Know You Are Hacked

Anonymous hackerYou Can’t Log In

If you cannot log in to your website, this may indicate that it has been compromised. If you tried everything and you are sure the login information is correct, chances are you have been hacked.

Other Content on the Page or Even the Message “You’re Hacked”

Replacing the homepage with a static page is one form of hacking. If it looks different or has a different theme, it was most likely compromised. However, changes may be more subtle, such as the addition of bogus material or links to shady websites.

You might have been hacked if your footer is full of links you didn’t add, mainly if those links are obscured or in tiny font size.

Your Site Is Redirecting

Hackers will add a script that redirects your visitors to another site. This is most likely a place you do not want the customers to use.

Warning From Google Chrome

Your browser may be telling you that your site has been hacked if you see a warning from Google Chrome. However, it may also be a problem with domains or SSL or any code in a theme or plugin that needs to be removed.


If there are suspicious ads or popups on your website that you haven’t put, chances are, a hacker put them there.

How to Fix a Hacked Website

ToolsIf your WordPress website has been compromised, you must act quickly. Hackers inflict significant harm to websites, some of which are irreversible. Why are hackers so dangerous and must be dealt with as soon as possible?

Hackers use the site to conduct malicious practices such as injecting spam links, phishing, defrauding guests, and stealing sensitive information. Also, when the domain participates in those events, search engines such as Google will blacklist it.

As a result, your web server will cancel your hosting account, causing your website to go offline.

If you’ve tried a few hack recovery options, you’ll notice that not all of them are successful in removing a hack. In this text, we will help you to fix your hacked page.

Emergency Recovery Script

ERS sectionAre you unable to log in and can’t use the admin panel? Maybe your WP core files have been compromised, or you have been hacked? Whatever the issue is, you can fix it in a few minutes with the free Emergency Recovery Script.

Emergency Recovery Script (ERS) is a standalone, single-file that is WordPress independent. It was designed to restore your WordPress site under the most challenging circumstances.

You will usually address the issue with a plugin if WordPress seems to be running correctly, and you can enter the admin. However, if that also doesn’t work, ERS is the only option requiring changing any scripts, code, or messing with the database. It will also stop you from having to reinstall the whole site and possibly lose results.

Emergency Recovery Script works by analyzing your WordPress installation on its own. It then provides you with over 12 tools to assist you in resolving the most common issues and allows you to log in and access the site as usual.

WP Reset

WP Reset WP Reset is a plugin that comes equipped with Emergency Recovery Script, and it’s best used in conjunction with it. With over 200 thousand happy users, WP Reset proves to be a helpful tool for all those who want to be spared the headaches caused by the problems on WordPress-powered websites.

This plugin works wonders for restoring and resetting your website in situations such as a hacker’s attack. It has helpful tools that will allow you to restore your files, clean up your plugins and themes. There is also a Nuclear Reset option that will completely wipe clean your site.

WP Reset offers one of the best tools is the Snapshots, which you can read more about below.


WP Reset Snapshots optionWP Reset takes snapshots automatically just before you want to make changes to your site. Those are then sent and kept either at WP Resets cloud or some other popular cloud service like Google Drive or Dropbox.

Whenever you change your website and don’t like how it turned out, you can access one of the snapshots and revert to when the site was working.

Restore From Backup

If you have backups for your WordPress account, it might be best to restore one from your website working as usual.

In the worst-case scenario, if you don’t have a backup or your website has been compromised for a long time, and you don’t want to lose the content, you should manually uninstall the hack. We recommend using ERS and WP Reset.

Contact Your Hosting Provider

In these cases, the majority of successful hosting services are highly supportive. They have seasoned workers who deal with these issues regularly, and they are familiar with their hosting settings, so they can directly help you. Begin by contacting and following the instructions provided by your web host.

However, if you’re on shared hosting, it’s possible that the hack impacted more than just your account. Your hosting company will also be able to provide you with specific details about the hack, such as how it began, where the loophole is hidden, and so on.

HostGator and Siteground, in our opinion, are also very accommodating when something like this occurs.

Contact a Maintenance Company

Your site was hacked, and you tried everything that we talked about here, and still nothing? It’s time to hire someone to help you. After doing some research, it seems that many companies offer similar services for similarly low prices.

It’s not easy to choose the right provider to look after your WordPress account, but after digging a little further and seeing what each of them has to offer, you will find the right one for you. For more information on maintenance companies and their comparison, head over to this link.

You Fixed Your Site, Now What?

PadlocksIt goes without saying that getting a good backup plan in place is the best form of protection. If you don’t already have one, please set up a system to back up your site regularly.

Critical failures can happen, and WP Reset is there to lend a helping hand in these situations. With the plugin’s help, you can quickly recover from a problematic situation.

Aside from that, here are some more things you can do to ensure your website is protected.

Change Website Hosting

You’ll be sharing disk space with hundreds of other customers if you want cheap hosting. This would not only cause the site to slow down, but it will also raise the likelihood of one of the other sites adding server insecurity.

Cheap hosting companies are less likely to keep a close eye on server security or assist you if your account is compromised. On the other hand, a good hosting company will work hard to keep your website secure.

Install a Security Plugin

If you are using a protection plugin, it will alert you of any unusual behavior on your website, such as unauthorized logins or corrupt files.

If you don’t know which security plugin to choose, here are our recommendations.


WebARXWebARX is a website security tool that allows you to encrypt and track your websites from one central location.

Wordfence Security – Firewall & Malware Scan

Wordfence Security- Firewall & Malware ScanWordfence Security- Firewall & Malware Scan features a built-from-the-ground-up endpoint firewall and malware scanner to secure WordPress. Wordfence gets the latest firewall rules, malware signatures, and malicious IP addresses from the Threat Defense Feed, so it can keep your website secure.

Wordfence is the most robust WordPress protection system today, with 2FA and a suite of additional tools.

Security Ninja – Secure Firewall & Secure Malware Scanner

Security Ninja- Secure Firewall & Secure Malware ScannerFor over ten years, Security Ninja- Secure Firewall & Secure Malware Scanner has ensured the safety of thousands of website owners just like you. It runs 50+ vulnerability checks in a single click and finds problems you didn’t know about.

Now is the time to benefit from Ninja’s versatility and ease of use.


It’s an awful feeling to get your website compromised. It means that it is unavailable to visitors, which may harm your business. When such a situation happens, it’s important to act quickly and smartly. Try not to panic and remain calm. In this article, we have gone over some signs that your website was hacked and tips on how you can fix a hacked website and prevent other hacking attempts.

As you can see, it’s best if you have a tool in your arsenal that will help you in a problematic situation like this one. We recommend you try out WP Reset and Emergency Recovery Script, tools with a solution for any issue you may encounter on your website.

Editorial Staff

Editorial Staff at 85ideas is a team of WordPress experts led by Brian Harris. Here to share amazing tuts, guides and collections.

No Comments

Post A Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.