What to Do If Your WordPress Site Is Hacked
Discovering your site has been hacked is stressful, but a calm, methodical response limits the damage and gets you back online. The worst thing you can do is panic and start deleting things at random.
This guide outlines the right steps to take, and how we help.
Signs of a Hack
- Unexpected pop-ups, spam links or redirects.
- Strange new admin users you did not create.
- Google flagging your site as unsafe.
- Your host suspending the account.
Immediate Steps
- Contact us straight away.
- Avoid logging in repeatedly from infected devices.
- Change all passwords once the site is secured.
- Do not simply restore over the top without cleaning.
How We Recover It
We take the site offline if needed, scan for and remove the malicious code, identify how entry was gained, restore clean files from backup, then harden the site to prevent a repeat before bringing it back online.
Frequently Asked Questions
Will I lose my content?
Rarely, thanks to backups. We aim to restore a clean copy with your content intact while removing the infection.
How do I stop it happening again?
Ongoing updates, strong passwords, two-factor login, a firewall and regular backups dramatically reduce the risk.
If you need a hand with any of this, your Progressive Robot delivery team is ready to help. Raise a ticket from the Support area of your client portal or speak to your account manager and we will guide you through the next steps.