Getting your WordPress blog hacked is a very scary thought. After all, you spent so many hours updating that site and making it perfect and now someone is coming along and they might have destroyed it, changed it, or is now trying to extort you for access.
There are a few things you can do when someone gets access to your site. The very first thing you should do is backup everything. Backup your blog, backup your files, keep it all in a safe place, and let your web host know immediately that someone has access. They can go in and make sure to change your passwords and clean out any extra FTP or Shell accounts that the hacker may have added.
The very important thing you should do is backup everything, change all passwords, and delete and restore your site.
Now backing up everything is a pretty straight-forward process. If you have a WordPress backup plugin and you should, make sure to run that and grab the backup that it has generated. Then also be sure to grab a backup of the entire account. If you don’t know how to do this, your web host should be able to do it for you. Now you have a copy of all your files, so that even if the hacker deletes everything you still have a copy.
The next step is to change all of your passwords, and I do mean ALL. Change your email account password, change your WordPress account passwords, your FTP login, your account login, change any and all passwords to make sure this hacker can’t get in later on.
And then what you should do is delete and restore. Most web hosts will recommend that if someone has really gained access to your site to back it up, blow away the entire account and set it up somewhere else, because you don’t know if they have set up some kind of a plugin or some kind of a script that will monitor for any new logins or any new passwords.
Delete whatever is on there, especially any new pages or content the hacker may have added, and restore your account somewhere else.
After you restore it, you are going to have to comb through it and make sure that these new restored passwords are changed as well, just to make sure that someone can’t get in. But at the end of the day, if you have removed any new things the hacker has added and changed all of your passwords, there really is not a lot they can do to get back in.
I think the most important thing for you to do is backup your site on a regular basis, that way if someone gets access to your site, it’s simply a minor inconvenience of changing passwords and restoring. There is no loss of information. That is what you do if someone gains access to your WordPress site. Backup everything, change all passwords and delete and restore what’s there.