How to Verify and Recover a Hacked WordPress Site (2024)

WordPress is an extremely popular web platform, and because of its popularity it is often the target of hackers looking to “take over” pieces of your site for their own benefit. If you suspect you have been hacked, first make sure that you’ve actually been hacked. We sometimes get panicked users contacting us thinking they’ve been hacked when their site is just misbehaving or they are seeing spam comments and can’t tell the difference between that and a hack. If your site is hacked, we’ve assembled some resources to help you get up and running again. You’re worried about how to verify and recover your hacked WordPress site?

Verify and Recover a Hacked WordPress Site


In this tutorial we’re giving you details about verify and recovering hacked WordPress websites. Have you identified the exploit vector? If not, you may be leaving yourself open to future exploit.

Other things to consider:

  1. Change WordPress admin user passwords
  2. Change Hosting account user password
  3. Change FTP passwords
  4. Change MySQL db user password
  5. Change the db table prefix
  6. Update your wp-config nonces/salt
  7. Check your directory/file permissions
  8. Block directory-browsing access, via .htaccess
  9. Go through everything in the Hardening WordPress Codex entry
  10. Go through everything in the FAQ My Site Was Hacked Codex entry

Final Words

This is not enough for most the website. Most of the hacked WordPress are not so simple to recover. Forget it what ever simple or difficult hacked, just leave us comment if you still having issue and looking forward to get a better solution. We’ve more solutions to secure and recover your hacked WordPress site.