What to Do When Your WordPress Website Gets Hacked

By August 14, 2017Security, Websites

Your WordPress Website Got Hacked? D’oh!

WordPress has tremendously evolved since its launch in 2003. Although it continues to rank as one of the most popular CMS platforms used to build beautiful and highly interactive web spaces, it also continues to be the most attractive web application for hackers to break into. Hackers absolutely love WordPress. Here’s what you need to do if your WordPress site was hacked.

First, Make Sure You Actually Got Hacked

A lot of people assume they’ve been hacked whenever they’re experiencing odd issues, when it can really just be hosting or WordPress issues. The following are signs that you have become a victim of a WordPress burglary.

  • Check Your Links + Search Engine Results
    Do a search of your website and make sure that the search engine results are not malicious and do not contain content that isn’t part of your site. Also, make sure all of your links have not changed destinations. These are a couple of tactics hackers use to lead visitors to malicious sites.
  • Spam Check
    Is your site being flooded with spam ads all of a sudden? If your website is partaking on a spam buffet, mainly in the header and footer areas, there’s a good chance that you’ve been hacked.
  • Emails
    Did your hosting provider notify you that your site is sending malicious emails? Hackers will sometimes use your website as a disguise to send emails so that they can direct readers to click on malicious links.

Snap! So, You’ve Been Hacked

So, it’s official, your WordPress website has been hacked. Don’t panic, just breathe and follow the steps below to get it all resolved.

  • Backup
    The first immediate thing you need to do is backup your site entirely. You can either use the backup wizard that is provided by your hosting provider or a WordPress backup plugin.
  • Call Your Hosting Service Provider
    Give your hosting provider a call to inform them that your site has been hacked. Ask them to assist you on finding reasons why you were hacked and how to prevent it in the future.
  • Change Your Passwords
    Change the password to your cPanel, hosting and/or domain name account and, of course, WordPress account. Do your best not to use simple passwords.
  • Restore Your WordPress Site
    Remember how we told you to backup your site in the beginning, well if you have a recent backup prior to that one, use it to restore your site. This process is quite technical, you may want to hire an expert to do this to ensure that it gets done correctly without any issues.
  • Keep Things Updated
    Always update your website to the latest version of WordPress, along with any activated plugins. WordPress and plugin developers are constantly doing updates to highly reduce vulnerabilities.


Over 30,000 small and large websites are attacked every single day. Getting hacked can be stressful, it takes time and energy to get everything back in order, and, in simpler terms, it just sucks! Don’t leave yourself at risk. The best thing to do is prevent it from happening again (or, in the first place). This is why we provide website protection and security with Cloud Coverage. For as little as $5 month, you can ensure that every post, every picture and every page stays safe and secure.