It doesn’t matter how secure you think your website is, it will never be absolutely secured. One day, you might find your website got hacked, and you might be angry or panic, because you have put in so much time, energy, and money to build your website; and now, it’s just gone.
Especially when it comes to WordPress websites, there are many vulnerabilities. Such vulnerabilities might be outdated WordPress scripts, Plugins, or Themes.
10 Steps to Act If Your Site Has Been Hacked:
1. Take a deep breath, relax, and keep calm. It doesn’t matter how angry you are, it will not change the fact that your website has been hacked. Being angry or panic will not solve anything, but will mess up your mind.
2. Scan your computer with an antivirus software, make sure there is no malware or any virus on your computer.
3. Now, contact your hosting company, and request anything weird happened to your account which caused the hack.
4. Change all login information: hosting login info, FTP login, WordPress login info, and SQL database login info.
5. After you have information from your host regarding the hack, you can try to fix it by yourself or contact a WordPress professional or expert to fix the issue.
6. Login to WordPress, update WordPress core files to the latest version, update all themes, and plugins.
7. Check all WordPress users, if you don’t know them, delete them. You should never assign too many administrator role logins to too many people.
8. Schedule regular backups. You should always do regular backups for your website. Once every week or two weeks is highly recommended. If you have a high traffic website, you should backup your website database daily.
9. Consider moving your website to a more secured hosting environment if you think your current hosting server is not doing anything, such as updating php to the latest version, to combat the latest threats.
10. Improve the security of your WordPress site by follow these security steps.