This post may contain affiliate links, I receive a small commission if you make a purchase with this link.

How to Get Rid of a Hacker on Your WordPress Website

In the dead of night, a digital thief slips through the cracks – discovering “How to get rid of a hacker” just became your number one priority.

Imagine this scenario: You’ve put in countless hours building your WordPress website, curating content, and engaging with your audience. Then, one day, you discover that your website has been breached by a hacker.

The immediate impact is visible and alarming. Your homepage is defaced, displaying messages or images that you didn’t authorize. Delving deeper, you find that the hacker has inserted malicious code into your website. This code could be used to redirect your visitors to spammy or harmful websites, or worse, to steal their personal information through phishing attempts.

As the news of the breach spreads, the repercussions on your website’s trust and credibility become apparent. Regular readers and new visitors, who once viewed your site as a reliable resource, are now greeted with warning messages from their web browsers or antivirus software, advising them that your site is not secure. Search engines may flag your website, leading to a drop in search rankings, directly affecting your site’s visibility and organic traffic.

The damage to your reputation can be severe and long-lasting. Readers may lose confidence in your website, questioning the safety and integrity of your content and any links or downloads you provide. This erosion of trust is hard to rebuild and can lead to a significant decrease in returning visitors.

In this article we’ll explain what steps to take to regain control of your site, how to clean up after the breach, and how to install robust security measures so that you do not get hacked in the future.

Let’s dive into the topic of how to get rid of a hacker.


Identifying the Breach


Confirm that your site has indeed been hacked. Signs of a hack include:

  • unexpected changes to your website
  • new user accounts in your system
  • unknown files or scripts on your server
  • alerts from security tools.
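
One way to look for the "unknown files or scripts" sign from a shell on the server (an added example, not part of the original article). The function names and the sample tree are constructed for illustration, and the checks are heuristics: every hit still needs a manual look.

```shell
#!/bin/sh
# Added example: triage a WordPress tree for unknown files.

# Script-type files under wp-content/uploads. That directory is meant for
# media, so PHP-type files found there deserve inspection.
find_uploads_scripts() {
    [ -d "$1/wp-content/uploads" ] || return 0
    find "$1/wp-content/uploads" -type f \
        \( -iname '*.php' -o -iname '*.phtml' -o -iname '*.phar' \) | sort
}

# Files changed in the last $2 days, to compare against your own edits
# and updates.
find_recent_changes() {
    find "$1" -type f -mtime "-$2" | sort
}

# Constructed sample tree (not real data): one old core file, one old image,
# and one freshly written script inside uploads.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/wp-includes" "$t/wp-content/uploads/2024/01"
    echo '<?php // core file' > "$t/wp-includes/load.php"
    echo 'image bytes'        > "$t/wp-content/uploads/2024/01/logo.png"
    echo '<?php // unknown'   > "$t/wp-content/uploads/2024/01/cache.PHP"
    # Backdate the legitimate files so only the new script looks recent.
    touch -t 202001010000 "$t/wp-includes/load.php" \
                          "$t/wp-content/uploads/2024/01/logo.png"
    echo "$t"
}

# Usage against a real site (the path is an assumption):
#   find_uploads_scripts /var/www/html
#   find_recent_changes  /var/www/html 7
```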

After you identify that your site has been hacked, the next step is to regain control of it as quickly as possible.

Initial Steps to Regain Control

You should rapidly take measures to regain control of your website and prevent any visitors from viewing it while it’s compromised.

Take Your Site Offline

Temporarily take your website offline to prevent further damage. This can also protect your users from malicious content or data theft. You can put up a maintenance page to inform visitors of the issue.

There are a few ways to do this.

1. Install a plugin that will turn on the maintenance mode on your website.

Maintenance Mode Plugins

2. Create a file called .maintenance in the root of your website directory; it can be an empty file. WordPress checks for it before processing a page and, if it is found, shows the maintenance screen instead.
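
The second option as a small shell helper (an added example, not part of the original article; the function names and the site path are assumptions). WordPress core reads an `$upgrading` timestamp from this file and treats maintenance as finished once that timestamp is more than ten minutes old, so the example writes a timestamp into the file instead of leaving it empty.

```shell
#!/bin/sh
# Added example: toggle WordPress maintenance mode with a .maintenance file.

# Turn maintenance mode on for the WordPress install rooted at $1.
maintenance_on() {
    # Refuse to write into a directory that is not a WordPress root.
    [ -f "$1/wp-load.php" ] || { echo "not a WordPress root: $1" >&2; return 1; }
    # Core includes this file and reads $upgrading from it. Evaluating time()
    # on every request keeps the timestamp fresh until the file is removed.
    printf '%s\n' '<?php $upgrading = time();' > "$1/.maintenance.tmp" || return 1
    chmod 644 "$1/.maintenance.tmp"
    # Rename into place so a request never sees a half-written file.
    mv "$1/.maintenance.tmp" "$1/.maintenance"
}

# Turn maintenance mode off again once the site is clean.
maintenance_off() {
    rm -f "$1/.maintenance"
}

# Report the state: off, on, or expiring.
maintenance_status() {
    f="$1/.maintenance"
    if [ ! -f "$f" ]; then
        echo off
    elif grep -q 'upgrading *= *time()' "$f"; then
        echo on
    else
        # Empty file or fixed timestamp: core honours it for at most
        # ten minutes, so visitors may already see the live site.
        echo expiring
    fi
}

# Usage (the path is an assumption):
#   maintenance_on /var/www/html && maintenance_status /var/www/html
```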

Contact Your Hosting Provider

Notify your hosting provider immediately. They can provide assistance, may have additional insights about the breach, and can sometimes help you recover your site.

Recovering from a breach. How to remove hacking from your site?


Okay, now that you have blocked further access to your site, it’s time to clean up the mess. Let’s go over the tasks you need to perform to recover your site.

Restore from a Clean Backup

If you have a recent backup of your site that you are confident is clean and free from any malicious content, restore your website from this backup.

SiteGround Backups – Select a recent clean backup and restore all files

If you find yourself without a backup post-hack, it’s akin to navigating a minefield blindfolded. Malicious code could be lurking in any corner of your site’s files. I suggest switching to an up-to-date theme, such as the latest default WordPress theme, and disabling and uninstalling non-essential plugins.

Change Passwords

Change all passwords associated with your website, including WordPress, FTP, database and hosting account passwords. Use strong, unique passwords for each account.

Ideally, use 2FA (two-factor authentication) for your website login. This requires a second code to be entered after the password, using either Google Authenticator or some other method. It greatly increases the difficulty of logging into your site for hackers.

SiteGround Security Plugin is a free security plugin that works on all WordPress sites. It can quickly set up a 2FA login process on your WordPress website and, additionally, change the default login location to further complicate future hacking attempts. I personally use this security plugin and I highly recommend it.


In the WordPress admin section click the Users link to see all the registered users on your website. Delete any users that shouldn’t be there. Ideally, just have your one admin account registered.

Click the edit link from the Users list and find the Account Management section as shown below.

WordPress Account Management (from Users page click on Edit link)

Immediately change your password to a hard-to-guess password that you haven’t used anywhere else. Click the “Log Out Everywhere Else” button to log out everyone who is currently logged in as you – such as a hacker. This will force the hacker to log in again, but by then you will have changed the password already.

Don’t forget to click the “Update Profile” button at the bottom of the Edit User page! Otherwise your new password won’t be saved.

Update and Patch Software

One of the main ways hackers breach your website is through out-of-date software. It’s critical you keep all your software patched to the latest available version.

Ensure the following are kept continuously up to date:

  • PHP programming language
  • WordPress Core
  • WordPress Themes (all installed even if not activated)
  • WordPress Plugins (all installed even if not activated)

Tools such as WPScan can quickly scan a website for vulnerabilities, making it easy for hackers to know what to exploit to gain access to your website.

Turn on automatic updates for all the software you can. For instance, to keep the PHP programming language up to date, you will need your hosting provider to support this option.

SiteGround Managed PHP Service

For your plugins you will find an “Enable auto-updates” link for each of your plugins. Turn this on for all your plugins.

Remember, each plugin you have installed is a potential vulnerability if it contains any code that can be exploited. Use the minimal number of plugins on your website to make it harder for your website to get hacked.

Remove any themes you are not using. You may have installed several themes before deciding on which one to use. Those other themes, including all the code, are still installed on your web server. A non-activated theme shouldn’t be exploitable – unless there is a coding error somewhere. Better to uninstall any unused theme to eliminate the risk entirely. Why take chances?

Strengthening WordPress Security

How to get rid of hackers on your website? Install security measures to detect hacking attempts.

Does your WordPress site keep getting hacked? Even if it’s your first time, let’s make sure it’s the last. Let’s discuss measures you can implement to strengthen your WordPress security and keep hackers out for good!

Scan and Monitor Your Website

Use security tools to scan your website for malware and vulnerabilities. Continuous monitoring even after cleaning up is crucial to ensure your site remains secure.

Perhaps your hosting provides a scanning service? Some do as an add-on, so you may need to check for these services because they are not turned on by default.

Alternatively, you can install third-party plugins that can monitor and scan your website for you.

Implement Security Enhancements

Strengthen your website’s security to prevent future attacks. This can include using a web application firewall (WAF), implementing two-factor authentication, regularly scanning for vulnerabilities, and following best practices for website security.


Notify Relevant Parties

In the event of a customer data breach, it’s crucial to act swiftly and transparently. Here’s a succinct action plan:

  1. Notify Affected Customers: Contact all individuals whose data has been compromised. Provide clear information about what happened, what data was involved, and how they can protect themselves. This could include changing passwords, monitoring bank statements, or signing up for credit monitoring services.
  2. Advise Protective Measures: Offer specific steps for affected parties to safeguard their information from further risk. Encourage vigilance against phishing attempts that may exploit the breach.
  3. Report to Regulatory Authorities: If the breach meets the criteria for reporting as per local or international data protection laws (such as GDPR, HIPAA, etc.), you must inform the appropriate regulatory bodies. This step is not just about compliance but also about contributing to a broader understanding of cyber threats.

Remember, in such scenarios, transparency isn’t just the best policy – it’s a cornerstone of trust and legal responsibility.

Seek Expert Assistance

When it comes to securing your website, sometimes the challenge can seem insurmountable. If you’re feeling overwhelmed, there’s no shame in reaching out for expert assistance. WordPress security specialists are trained to handle these situations with precision and speed.

Take, for example, the Wordfence Cleaning Service. They promise to start the cleanup process within an hour of engagement. Such a service can be invaluable, offering not just expertise but also the peace of mind that comes with knowing your website is in capable hands.

Remember, investing in professional cleanup services isn’t just about fixing the present issue – it’s about fortifying your website’s defenses for the future. Isn’t your peace of mind worth that expert touch?

How Does a Website Get Hacked?

Experiencing a website hack can indeed be distressing. Generally, websites get hacked due to vulnerabilities in their code, hosting platform, or an administrative lapse. Common culprits include outdated software, weak passwords, and malware. Hackers exploit these weaknesses using various methods such as SQL injection, cross-site scripting, or brute force attacks.

Final Thoughts on How to Get Rid of a Hacker

Thanks for reading! Let’s rewind and reiterate the key steps on how to get rid of a hacker:

  1. Maintenance Mode: Immediately take your website offline to prevent further damage.
  2. Hosting Provider: Contact customer support – they often have protocols in place for such incidents.
  3. Restore Backups: Use a clean backup to restore your website to its pre-hack state.
  4. Password Renewal: Create new, strong, and unique passwords for all your accounts.
  5. Software Updates: Make sure all your website’s software is current.
  6. Security Plugin: Install a plugin designed to safeguard your website.
  7. Two-Factor Authentication (2FA): Add an extra layer of security to your logins.
  8. Automated Backups: Set up daily automatic backups so you can recover easily.
  9. Routine Scans: Regularly scan your website for vulnerabilities.
  10. Notify Stakeholders: If customer data was compromised, inform them promptly.

Don’t beat yourself up over a breach. Many hacker and ransomware gangs are well financed – some are even state-sponsored. You can get breached once; just make sure it never happens again!

Did you find this guide useful? Share your thoughts in the comments or give us a shout-out on social media. Your feedback fuels our mission to empower and protect the digital community. Your support is our cornerstone – thank you!
