Today, one of my clients’ websites got hacked. The homepage was a simple text message, and no page was accessible.
What are the steps to restore it to the way it was before?
- Download WordPress from the WordPress.org website and upload it again.
- Update the database, if/when requested.
- Recreate wp-config.php from wp-config-sample.php.
- Temporarily set a different theme (you will put it back again, of course).
- In the admin, check whether the widgets section of the website contains malicious code (this was the case on my client’s website).
- Check the homepage and other pages for malicious code.
- If you have a database backup, restore the database from it.
- If the site still shows signs of being hacked, restore all the files in the wp-content folder from a backup.
- Change the passwords of:
  - WordPress admin / other admin-class users.
  - FTP users (if different from cPanel).
- Install security plugins (more than one).
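
As an added example (not from the original post), the widget and wp-content checks in the steps above can be partly automated. This Python script assumes widget rows have been read from the `wp_options` table as (option_name, option_value) pairs; the indicator patterns, function names and sample data are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Heuristic indicators (an assumed, non-exhaustive list); every hit needs manual review.
CONTENT_INDICATORS = {
    "script tag": re.compile(r"<script\b", re.I),
    "iframe": re.compile(r"<iframe\b", re.I),
    "hidden element": re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I),
}
FILE_INDICATORS = {
    "eval of decoded data": re.compile(r"eval\s*\(\s*(base64_decode|gzinflate|str_rot13)", re.I),
}

def scan_text(label, text, indicators):
    """Return (label, indicator name) for each indicator that matches text."""
    return [(label, name) for name, rx in indicators.items() if rx.search(text)]

def scan_widgets(rows):
    """rows: (option_name, option_value) pairs from wp_options; checks widget_* rows only."""
    return [hit for name, value in rows if name.startswith("widget_")
            for hit in scan_text(name, value, CONTENT_INDICATORS)]

def scan_wp_content(root):
    """Flag PHP files under uploads/ (normally media only) and obfuscated eval in any PHP file."""
    root, hits = Path(root), []
    for path in sorted(root.rglob("*.php")):
        rel = path.relative_to(root).as_posix()
        if rel.startswith("uploads/"):
            hits.append((rel, "PHP file in uploads"))
        hits += scan_text(rel, path.read_text(errors="replace"), FILE_INDICATORS)
    return hits

# Constructed rows; real values are PHP-serialized, with injected markup stored verbatim inside.
SAMPLE_ROWS = [
    ("widget_text", "Opening hours: 9 to 17"),
    ("widget_custom_html", '<div style="display:none"><a href="http://spam.example/">x</a></div>'),
    ("siteurl", "https://client.example"),
]

def demo():
    with tempfile.TemporaryDirectory() as tmp:  # constructed wp-content tree
        root = Path(tmp)
        (root / "uploads/2024").mkdir(parents=True)
        (root / "themes/mytheme").mkdir(parents=True)
        (root / "uploads/2024/cache.php").write_text('<?php eval(base64_decode("Y29uc3RydWN0ZWQ="));')
        (root / "themes/mytheme/index.php").write_text("<?php get_header(); ?>")
        return scan_widgets(SAMPLE_ROWS), scan_wp_content(root)

if __name__ == "__main__":
    for label, reason in sum(demo(), []):
        print(f"{label}: {reason}")
```

Legitimate widgets and plugins can trigger these patterns too, so treat the output as a review list rather than a verdict.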