My WordPress site has been hacked now what?

asked Jun 26, 2013 in Security by SaraSX (2,770 points)
My WordPress site has definitely been hacked. I found some scripts that I didn’t put, some files  that I’ve never seen, even a couple of posts that I don’t know about. I removed it all.. but now what? How can I secure my site after it’s been hacked?
Kind regards

2 Answers

0 like 0 dislike
answered Jun 26, 2013 by expert (14,380 points)
1.Scan your system.
2.Contact your hosting provider.
3.Change your WP passwords to a difficult one.
4.Change your passwords for users, FTP and MySQL.
5.Change the secret keys.
6.Take a backup of what is left.
7.Check the .htaccess file for any hacks.
0 like 0 dislike
answered Jun 26, 2013 by WebGuru (9,280 points)
in addition to the previous answer consider deleting everything and restoring the latest clean backup. You also need to upgrade and stay upgraded. Another thing you can do is replacing the core WordPress files from a freshly downloaded zip.