Fix Hacked WordPress Site – FAST and EASY!

Fix Hacked WordPress Site – FAST and EASY!

4 Shares

Fix Hacked WordPress Site Guided Steps

The very first thing that you should do is take a deep breath. We understand that having an infection on your WordPress website can be extremely stressful. Especially if the infection is causing your website to be inaccessible or perhaps it is redirecting visitors to another website that does not represent your online presence. Panic is never the solution to any WordPress problem. What is a better solution is to follow our easy steps that we are going to outline for you to get your website cleaned, secured and running smoothly again.

Now whether you feel like you are a very talented do it yourself-er when it comes to fixing WordPress issues or you are just a beginner and the whole idea of removing an infection from your WordPress website freaks you out either one will benefit from the information in this post.

If you would rather just spend your time doing something more productive and are looking for a service you can depend on and trust to remove your WordPress infection, you can click on the button below to see our service details which we can get started on right away.

Continuing on to Fix Hacked WordPress Site

So let us spend a little time summarizing the most simple breakdown of what a WordPress infection consists of and where the malicious files and or code is present in your WordPress site. Having a basic understanding of this will help you to more quickly establish what area is you need to focus on to get the infection removed and then take steps to secure your website to prevent any future WordPress malware attacks.

We like to say that WordPress is very similar to a human body. There are two things that a human body absolutely needs in order to live and function. Those two things are the heart and the brain. If either one of these things are not present in a human body, it cannot live and function. Now let’s take this analogy into a WordPress scenario. There are two things that are absolutely necessary in order for a WordPress website to function properly. These two things consist of the database and the files.

– THE WORDPRESS DATABASE –
The database is the area of your WordPress installation that stores all of your content and settings for the different functionality you are using on your website. A more simpler example of this would be the content for your pages and your posts. Another very common set of data that is stored in your database is all of the settings for your active theme or any other plugins that you have installed.

– THE WORDPRESS FILES –
The files portion of your WordPress installation consists of all of the actual files that are being used to not only load the WordPress software but also load and display the content on your website. Below are just a few of the main examples that exist in every single WordPress installation as far as the files.

⚡️ WordPress Core Files
⚡️ Plugin Files (active plugin(s) you are using)
⚡️ Theme Files (active theme(s) you are using)
⚡️ Uploads (images and other media you have added)

So now that we have had a short class on the anatomy of what makes up your WordPress, website we can dive into the steps to identify, isolate and remove any infectious code or files within your installation.


Scanning Time – Fix Hacked WordPress Site

The very first step that you would want to take is to identify what has actually been infected on your WordPress website. We would do this by running an infection scan. In some WordPress setups there could be thousands and thousands of files. Also the database could be extremely large. You cannot manually look at all of these files and database tables to identify what’s been infected. You need to rely on scanning software to do this portion of investigating any malicious files or code within your WordPress installation.

We have a FREE WordPress Malware Scanner Plugin that you can get immediately to scan all the files within your WordPress website and the database. See it in action below.

Take a look at another article we wrote below which will provide some other free WordPress infection scanning plugins that you can use to scan your website and identify the infected files and or database infections that exist.
https://www.wpfixit.com/wordpress-infected/

Now the scanning process is only doable if you can actually log into the administrative area of your website. Many times when you are dealing with a WordPress infection the access to the administrative area is not available. Your website is either completely down or any attempts to access any URL will redirect you to another spam or malware site. If this is the case, there is a different process that you must take in order to get you to a point where you can actually run a scan. Let’s examine those exact steps that you would need to follow if your website is not accessible.

😭 No Site Access To Fix Hacked WordPress Site

So the process of addressing a WordPress infection if you do not have access to the website (meaning that you are unable to login to your administrative area) is a little bit more complicated but definitely something that anybody can do regardless of their skill level. We are going to try our hardest to make this as easy as possible so if you want to take the actions to clean up the infection on your WordPress website these are the steps to do so.

So the very first goal that we wish to achieve here is to be able to actually log into the administrative area of our WordPress website. Once we achieve this we will be able to install an infection scanning plugin like we mentioned earlier to scan all of the files and the database for our website.

The fact that you do not have the ability to log into your website means that you are either experiencing a completely broken website where the login page is not accessible or every time you visit a URL on your website it redirects to some type of spam or malware site. Let us focus on giving attention to the issue of the website being completely down and the login page is not accessible.


👉🏻 No Login Page – Fix Hacked WordPress Site

So if the login page is completely inaccessible this means that there is a problem with the files that your WordPress website is using to function. Through a process of elimination we will identify which group of files is actually causing the problem.

There are three main groups of files that make up your WordPress installation.
⚡️ WordPress Core Files
⚡️ Plugin Files (active plugin(s) you are using)
⚡️ Theme Files (active theme(s) you are using)

If any of the files in any of the three main groups mentioned above are corrupted or contain some malicious code it can cause your login page to be inaccessible. Knowing this we now have two do some troubleshooting to isolate which group of files is causing the problem.

⚡️ WordPress Core Files
This is actually the easiest of the three groups to rule out being the problem causing your login page not to be accessible. What you need to do here is remove all of the WordPress core files and reinstall fresh files. There is an absolutely amazing walkthrough article at the link below which will show you five different ways on how you can reinstall WordPress core files.
https://kinsta.com/blog/reinstall-wordpress/

After you have freshly installed WordPress core files check to see if you are able to access your login page and login to the administrative area of your WordPress website. If so this is good news because you now are able to install an infection scanning plugin to run a full and detailed infection or malware scan of your website to identify what files are infected and what infections may be present in the database. If you still do not have the ability to log into the administrative area of your WordPress website please continue on as we go and troubleshoot the next main group of files that make up your WordPress installation.

⚡️ Plugin Files
So after you have completed a fresh install of WordPress core files and you still have no luck logging into the administrative area of your website it is now time to see if your plugin files are the reason you can not login. To do this and be certain that the plugins are the issue you simply need to deactivate them all but you are probably thinking how in the world can you deactivate all the plugins when you are not even able to log into your website. The good news is that we have an easy solution and two options that allow you to do this without having administrative access. Take a look at the link below for a detailed walkthrough that will show you two different ways that you can deactivate all of the active plugins on your WordPress website.
https://jonnyjordan.com/blog/disable-plugins-wordpress/

Once you have deactivated all the plugins it is now time to check and see if you are able to access the login page to your website and get into the administrative area. If you are able to login you are going to want to head over to the plugins page in the admin area of your website to ensure that all of the plugins have been deactivated.

If you deactivated all of your plugins by renaming the plugins folder, you will notice that you will not see any installed plugins inside of your administrative area. The next step would be to rename the plugins folder that you changed back to “plugins“. Now reload the plugins page in the administrative area of your website and you will see that the plugins are installed once again but they are all deactivated. Do not activate any of the plugins.

This would be when you install your favorite infection scanning plugin to scan all of the files and the database that make up your WordPress website. If you have gone through the steps outlined here to troubleshoot the plugins being the root cause of not being able to login to your WordPress administrative area and you still are unable to access your login page it is time to move on to the final main group of the files that make up your WordPress installation.

⚡️ Theme Files
So we have fully exhausted troubleshooting the two main groups of WordPress files that make up your website. We have identified that there is no problem with the WordPress core files and all of the plugins that are installed and running on your website are not causing a problem stopping you from logging into your website. There is one final group of files that we need to check to be able to repair the fact that you are not able to login to the administrative area of your website. This would be the group of files that make up the active theme that you are using on your WordPress website.

The goal here is to turn off your active theme and then test the login page to see if it is working. If it is working then you have fully narrowed it down to the theme being the reason why you are not able to login to the administrative area of your WordPress website. The difficult thing here is that since you are not able to login you are going to have to take a different approach to turn off your active theme. The article at the link below will show you a variety of ways that you can turn off your active theme in order to isolate the issue of not being able to login to your website.
https://mediatemple.net/community/products/dv/360022440131/how-to-deactivate-a-wordpress-theme-for-troubleshooting

If this step did the trick then log into your website and install your favorite infection scanning plugin to run your detailed scan and identify all the infected files or malicious code in your database.


👉🏻 Login Page Working – Fix Hacked WordPress Site

So we talked about the above steps first with not having access to the administrative area of your website but if you are one of the lucky ones that are dealing with a WordPress infection and you can log into your website there is just a few simple steps that you need to take in order to identify what has been infected in your WordPress installation.

1. Install an infection scanner plugin and run a full scan
2. Capture the results of the scan for cleaning action

At this point in your attempt to fix a hacked WordPress site, you are now armed with a list of infected files and or infected entries in your database. Let us continue on as to what you need to do next to get these cleaned out.

Continuing on to Fix Hacked WordPress Site

We have identified what files and or database tables that contain infectious code on our WordPress website, we need to take the steps to either remove or replace these files and or database tables.

If you have done a good job of maintaining and using a productive backup and restore strategy you could save yourself a lot of time and effort and simply restore your website to a date before it was infected. This would save you so much agony instead of going through your list of infected files and or database tables to remove or replace what is needed. It is so important to always have a backup and restore strategy in place not only for situations like this but for the hundreds of other things that can go wrong when managing and maintaining a successful WordPress website.

Now if you do not have a backup that you can restore your website to you are going to need to manually clean the areas of your website that have been identified to be infected through the results of the infection scan that you did earlier.

Let’s go back to what we talked about earlier. The two items that make up the anatomy of your WordPress installation. Your database and your files. 

– THE WORDPRESS DATABASE –
The database is the area of your WordPress installation that stores all of your content and settings for the different functionality you are using on your website. A more simpler example of this would be the content for your pages and your posts. Another very common set of data that is stored in your database is all of the settings for your active theme or any other plugins that you have installed.

– THE WORDPRESS FILES –
The files portion of your WordPress installation consists of all of the actual files that are being used to not only load the WordPress software but also load and display the content on your website. Below are just a few of the main examples that exist in every single WordPress installation as far as the files.

⚡️ WordPress Core Files
⚡️ Plugin Files (active plugin(s) you are using)
⚡️ Theme Files (active theme(s) you are using)
⚡️ Uploads (images and other media you have added)

Time TO Clean – Fix Hacked WordPress Site

If the infection scan that you completed returned results showing that you have database tables that are infected you will need to address that by using your phpMyAdmin interface. Below is a very detailed article showing you exactly how to use this interface to access and adjust database tables within your WordPress database.
https://www.elegantthemes.com/blog/resources/a-quick-guide-to-phpmyadmin-and-how-you-can-use-it

We do hundreds of WordPress infection removals each month since 2009. In the majority of these infection cleanups that we perform for WordPress users, the database itself does not contain infectious code. Most hacked WordPress sites will have the malicious code directly in the files rather than the database. As you may already know there is a large list of infected files that were identified when you completed your infection scan.

Use this list to go through and remove the infected files or replace the files that have had injected code added to them. Once you have gone through this list of infected files and either removed or replaced the files, you will then run another detailed infection scan to confirm that there is nothing remaining within your WordPress installation. 

We understand that this entire topic and all of these steps may be overwhelming for some. We have tried our best to make it as simple as possible and always welcome any comments you may have to clear up something that you may be stuck on during the process of removing an infection from your WordPress website. Please use the comment section below to ask those questions and also below you can see that we offer a service which can remove your infection right away. We wish you well and want to reinstate again what was said at the beginning of this post that there is no need to panic.

😷 Happy and SAFE Word-pressing!


WE CAN CLEAN YOUR SITE NOW

4 Shares

Leave a Reply

Your email address will not be published. Required fields are marked *