A few weeks back, my website was hacked and the codes were inserted into the WP’s core and theme files. The codes were used for redirecting visitors to one of the malware websites. When I tried to broke it, my website got severely damaged that caused me a huge loss.


Even though I am an individual website owner, I always try and manage myself just like big boys with my concept to technology where it always makes sense. I would not have a team of administrators operating a running backup now a security system, but I take used to take all the underlying principles that need to be applied in order to keep my WordPress site safe from hackers.

When I got to know that my website was hacked, I immediately turned off its accessibility and started to recover it. Within a few hours, my site was available for the readers without having any sort of damages. I was prepared for such eventualities and just because of this incident, I documented my recovery procedure in order to minimize the time and abridge the process.


Unluckily, it is a reality that some visitors on our websites contain richness, flexibility and malicious intent of latest web platforms provide hackers many opportunities to exploit them.

What you should do when hackers attack?

There are a number of suggestions on Google but on the whole, you will find them the best. Some would call it overkill but I prefer to replace each and everything with clean configurations.

  • You must not panic, very important.
  • Restore from clean backups your WP root directory. It will help you replace configuration settings and all compromised documents.
  • Restore your WP database from clean backups.
  • Immediately change your FTP secret code.
  • Enter now WordPress password for accessing database. Never forget to update WP config with new secret codes.
  • Enter new passwords for all users’ accounts.


In this way, you will be able to recover your WordPress site from hackers. Of course, there is no magic just a common sense with effective backup systems. Scripted backup jobs are always helpful in securing WP plugins, media, themes and files. Even, you can use neat WordPress plugins in order to run scheduled daily backups. Also, it is recommended to always use latest version of WordPress and plugins. By following these tips, you will be able to effectively recover your websites and take precautionary measures to keep it safe in the future.