Did you get hacked? No worries cos I have got you covered

Do you think your WordPress website is hacked and are looking for solutions to fix the problem? A hacked WordPress website is sad news, but the good news is that there are solutions to the problem. 

In this article, you’ll learn that you can get rid of hacks manually or by using a trusted service to take care of the task for you.   

Are you not sure if your website was hacked? Then familiarize yourself with the top signs of a hacked website. Keeping these in mind allows you to spot a hack early and potentially stop serious damage. 

how to fix a hacked wordpress website

Table of Contents

Most Common Signs of a Hacked WordPress Website

Hacked websites have common signs that anyone can spot if you know the signs. Here are some of the top ones you need to be aware of:

Slow website:

One red flag is when your site becomes slow almost overnight. The amount of stress your servers are under determines your site’s speed. When users request page loads or watch videos on your website, these functions use bandwidth. 

Hackers might use your website for activities, such as sending spam email or displaying advertisements. These activities use your site’s bandwidth and can cause your website to slow down. Monitor your website’s traffic reports to see if you are experiencing a natural spike in traffic, or it’s malicious activity.

Passwords don’t work:

It’s not uncommon for website owners to forget their passwords. However, when you are sure the correct passwords aren’t working, it could be a sign of a hacked website. Hackers will retrieve and change passwords, preventing owners from logging in and stopping their activity.

malware chrome
The kind of warning browsers will show when you attempt to visit a hacked website

Website redirects:

Have you noticed that your webpages redirect to unknown websites? That should sound an alarm that hacking has occurred. It’s a strategy hackers use to trick users into downloading their questionable software. They hijack the reputation of your website to spread questionable software.

Unknown user accounts:

If you have a large team of employees, your websites might have hundreds of users with admin permissions allowing them to make significant changes. Therefore, it can be hard to spot unauthorized accounts if you aren’t looking for them. It’s essential to monitor the pool of accounts with special permissions within your website.

Backlisted on search engines:

It’s a tough day when you learn that your website is no longer appearing on the top search engines, such as Google and Bing. Search engines block websites involved in illegal activity. If hackers hit your website, then you might unknowingly be involved in that type of activity. You need to address the hack before you can reappear on search engines.

Antivirus software alerts:

Is your antivirus software constantly giving you warnings? You need to pay attention to alerts and take steps to deal with them. The type of alerts you receive depends on your antivirus software. Pay attention to the alerts, and don’t procrastinate on dealing with them.

Hosting provider suspends site:

Hosting providers have a responsibility to ensure their sites are functioning legally. They have the right to suspend your website if they suspect foul play. Did you receive an email that your website is engaged in illegal activity? Then your WordPress website might be hacked, and your hosting provider can help you deal with the problem.

You might find your hosting suspended if you use a shared server, even if there’s no problem with your site. It’s guilt by association—when one site gets hacked on a shared server, hosting companies might suspend them all.

account suspended

Google message:

Google might not remove your website from their search results if they suspect hacking of your website, but instead show a message saying “This Site May Be Hacked” or raise an alert that the site is dangerous or malicious. Those messages will discourage any visitors and tank your website traffic from the search engines. Thus, it’s imperative to your online survival to figure out if hackers have attacked your site.

Illegal pharmaceutical drug site rankings:

Is your website ranking for illegal drugs, and your website has nothing to do with that category? Hackers might be using your website to sell these products. You need to find the hacked parts of your website where this illegal activity is occurring.

How to Fix a Hacked WordPress Website

Using the list of symptoms above, are you confident someone hacked your website? If so, then you need to remove the hack. There are two main methods to do that, a manual method and using a service. Both methods can be effective in dealing with the problem. 

Remove Hacks with Premium Services

Are you worried that manually removing hacks will not get the job done? Then you can invest in premium services, such as Astra Security and Sucuri. They have the experience to completely clean hacked WordPress websites and restore them to full functionality.

These services can deal with the latest hacks that might be using advanced techniques—fighting against hackers that are more tech-savvy than you can be a losing battle. You need to tilt the odds of success in your favor with the help of professionals.

These services can also provide a detailed report of what damage your website suffered, enabling you to identify the solution to reverse the damage. For instance, if you learn that your search engine rankings took a hit from the hacks, you can invest in SEO to boost rankings.

Do background research on a service you plan on hiring for the hack removal job. Make sure the service is reputable and has a proven track record of success. Also, don’t go for the cheapest option that you find. Be prepared to spend as much money as it takes to hire a competent service. Your business depends on it. 


Manual WordPress Hack Removal

Start by identifying the type of hack your website has suffered. You can do this by using a scanning tool to search for the malicious code. Make sure to do a deep scan of your website so that you’re able to identify all hacked files.

Your web host should be able to perform a free scan for you but if not you can check out one of my favorite tools for scanning which is the free malware scanner by Sucuri

sucuri scanner tool
Just enter your URL and scan ... easy as pie

If you can identify the hacked files, you can replace them with back-ups or download new files from legitimate sources. It’s as simple as overwriting the hacked files with original ones to get rid of the hack.

Most hosting providers allow you to back-up files periodically. Request the files from the web host, or they might be available in your CP panel. Be careful when overwriting files since you don’t want to accidentally lose data. It’s advisable to use a professional that knows how to overwrite hacked files while keeping your data secure

You might also see some newly created malicious files courtesy of the hack and you can choose to manually delete them.  

Sometimes it can be very easy for you to identify such files by their names. If the names don’t make any sense like r189a.php or spinner-2x.php then you know you are looking at malicious files. 

malware scan by siteground
A live scan provided to me by Siteground support a few years ago. I got infected with over a hundred different malicious files and it took me several hours to get rid of them

Remove backdoors:

Backdoor PHP functions are an easy way for hackers to access your website without your awareness. They inject the wp-config.php file, and your website is under their control. You must clean and shut these to halt their entry.

Database tables:

Use the database search to find malicious PHP functions, which might be preg_replace, base64_decode, and eval. Clean malware-infected database tables to deter hackers from executing their illegal activity. 

After Malware Removal:

Once you feel confident that you have gotten rid of the files, run another scan again just to make sure. 

Rinse and repeat until you have completely cleaned up your site.

Next use Google’s Transparency Report. Google provides excellent diagnostic tools for website owners to evaluate their site status.

How to Avoid Hacks

To avoid the hassle of removing hacks, you can take precautionary steps to avoid getting your WordPress website infected in the first place. Here are some of the top security flaws you can fix today:

  • Update your WordPress software as it’s constantly updated to plug security holes. Set your WordPress website to be updated automatically when a new update is released. Also, update any other software that relates to the functionality of your website.
  • WordPress themes and plugins should also be updated. It’s easy to forget that you are using so many different third-party programs on WordPress, but each one represents a potential security gap. Check each plugin individually to see if it’s the latest version.
  • Next, create a system where user account passwords have to be updated periodically.
  • Also, consider the permission rights of users and disable user cookies on the WordPress admin panel.
  • WordPress firewall plugins can significantly reduce the chances of hackers gaining access to your website. It’s an easy step that will pay off in the form of reduced hacking activity on your website.

Would you like to learn how to properly secure your WordPress website against hackers and malware? Then why not check out my extensive tutorial on WordPress security.


WordPress hacks are more common than you might think. It’s a serious issue that could cripple the functionality of your business, ruin your reputation, and significantly reduce website traffic. Therefore, you need to be on the constant lookout for the top signs that indicate hacking. 

The good news is that hacks can be dealt with manually or by hiring a premium service. Don’t want trouble in the first place? Then, implement the steps above to decrease the chances of hacking success.

Subscribe to my Newsletter

Get an email whenever I release a brand new post straight to your inbox.

Share this post with your friends

I think you might be interested in similar articles like these

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top