Follow @BPSPro

The orginal question was regarding removing a virus from a WordPress website.  The WordPress website had been hacked.  The answer includes the steps you should take to recover your WordPress website after it has been hacked.

Your website has been hacked. It is currently being blocked because it contains malicious code added to your website by a hacker. Either by hacking your host account password, XSS or an SQL Injection attack.

You have a reseller web host package (not going to mention the name here) and whether it is dedicated or shared is not relevant at all in regards to website security.

General website security is provided by all web hosts, but it is up to every single website owner themselves to provide their own secure website security. This is done simply by adding an .htaccess file to your website.

I wrote a free WordPress plugin called BulletProof Security >>>… that provides all the necessary security you will ever need for your WordPress website as far as XSS or SQL Injection hacker protection goes. If someone got your web host account password or FTP password then of course my WordPress plugin will not be able to help you there.

In order to restore you website from backup contact your web host and have them help you with restoring your WordPress website from backup.

Immediately after you have had your website restored from backup install the BulletProof Security plugin and activate bulletproof security mode. If you would rather create and use your own personally created .htaccess file then I recommend that you do that research first before you restore your WordPress site from backup. Why? Because your website is already a successfully compromised target. When you restore your WordPress website from backup you will have about a 15-30 minute window before your WordPress site is hacked again.

The steps you should take in order to recover from having your WordPress website hacked are:

1. Change all of your passwords: web host account and FTP passwords. You should also change your email account passwords.

2. Have an .htaccess file ready and prepared before you contact your web host. So that you can upload it to your WordPress website the second your site is successfully restored from backup or if you choose to use the BulletProof Security WordPress plugin – Install the plugin and activate bulletproof security mode immediately once you are able to log into your WordPress website again.

3. Contact your web host and ask them to help you restore your WordPress website from backup.
Good luck.

Skip to toolbar