hacked wordpress recovery

Have you got your WordPress site hacked? In this article we will learn how to recover a hacked WordPress site.

Step 1: Change Your WorPress Theme to Default Theme

To start the recovery process, login to your WordPress Dashboard. Now go to Appearance > Themes for changing your current theme and activating the default theme. Once you have activated the default one, your recovery process has been easier.

 

Step 2: Change All Passwords

Now you should change the WordPress Password, Database Password as well as FTP account Password. Remember that, never reuse any previous password. If you have multiple sites or accounts, you should use unique password for each site and account. To secure and generate new and unique passwords, you can use Password Generator tools like Fast Password Generator.

 

Step 3: Update wp-config.php File

After changing the Database password, you must update the wp-config.php file with new password. If there are multiple DB users, ensure that you are editing the correct one. You can find the correct database credentials in the wp-config.php file

Note: If you find anything like below in your file, there is a possibility that you have been hacked, and you MUST remove it ASAP:

Base64 hacks are dangerous and leave a void that hackers can use repeatedly on your site. Make sure you delete that complete section, or better yet, just rebuild the wp-config.php.

 

Step 4: Turn the Hacked Files Offline

  1. Login to your hosting account and go to File Manager
  2. Find the directory where your WordPress is installed. It might have installed in a directory or subdirectory like Blog.
  3. Rename the directory (Folder) where you have found the WordPress Files as com_Hacked and if it is in a subdirectory, rename it as YourDomain.com/Blog_Hacked

Once you have renamed the directory, your website will be offline.

 

Step 5: Install a New WordPress

Now it’s time to reinstall a fresh copy of WordPress. You can install it manually or using One-click Script Installer.

 

Step 6: Connect Your New WordPress to Your Old Database

You have to connect your newly installed WordPress with your old database. To connect them, you should will need the following information:

  • Database name
    • Database username
    • Database user password
    • Hostname
    • Table prefix

You will find this information in your previous wp-config.php file. To get these information, follow the below steps:

  1. Login to your cPanel account.
  2. Go to File Manager > Previous hacked WordPress directory YourDomain.com_Hacked.
  3. Open the wp-config.php file and you will find the mentioned Database information.
  4. Now go to your newly installed WordPress.
  5. Edit or delete wp-config.php file with.
  6. Refresh your site.
  7. You will be asked to select your preferred language. Choose and click on the Continue

language

 

 

  1. Next, click on Let’s go!

getting started with wordpress

  1. Enter your credentials and click on the submit

database

  1. Click on Run the install As you already have data in your database, you will get a message that WordPress is already installed. That means means you’ve successfully connected your WordPress installation to your old database.

run wp installation

 

Step 7: Add Your Previous Content

Now you see your website is loading and everything is fine. But there is no previous theme, plugins and images. Let’s learn how get them back.

Installing Previous Theme

WordPress themes are very much vulnerable and can get hacked very easily. So we suggest you not to use the theme from your hacked files. Install a new copy of your previous theme.

Moving Your Previous Uploads

You will find the previous uploaded files like images or other media files in the old hacked install’s directory. You might be found like YourDomain.com_Hacked /wp-content/uploads

Move them to YourDomain.com /wp-content/uploads (Newly Installed WordPress).

Check all the in this folder and make sure that all of them are yours. Normally this folder contains media files and be careful about the files those end with .php extension in the Uploads directory. If you bring any coding file that is hacked, it will infect your new site.

Installing Previous Plugins

To recover and get back to your actual previous website, you have to install the plugins that were used before. Never ever move the plugin files from your hacked folder to your WordPress Folder. You can install them in your new WordPress Dashboard. And avoid the inactive plugins those are unnecessary. Always update your WordPress plugins. It will protect your website from being vulnerable and load your website faster.

If everything is done properly, your WordPress site should load with your old database and old data with fresh installation.

  • Was this article Helpful ?
  • yes   no