60Web60

Site Hacked - Recovery Steps

Troubleshooting4 min read·

This article shows you how to recover your website after it has been hacked or infected with malware.

Step 1: Stay Calm and Don't Panic

If your website shows strange content, redirects to other sites, or displays security warnings, it may be hacked. Don't try to fix it by deleting files randomly - this can make things worse.

Step 2: Change All Your Passwords

Start by changing your Web60 account password and your WordPress admin password. Hackers often use stolen passwords to access websites.

  1. Go to your Web60 portal and change your account password
  2. If you can still access your WordPress admin area, change your WordPress password there too
  3. If you cannot access WordPress, use the Login Issues and Password Reset guide

Step 3: Restore Your Website from a Clean Backup

Web60 automatically creates backups of your website every day. The fastest way to recover from a hack is to restore from a backup made before the infection happened.

  1. Log into your Web60 portal
  2. Find the "Backups" section for your website
  3. Look for a backup from before you noticed the problem (usually 2-3 days earlier is safe)
  4. Follow the steps in How to Restore Your Website from a Backup

This will replace your infected website with the clean version from the backup.

Step 4: Update Everything After Restoration

Once your clean website is restored:

  1. Log into your WordPress admin dashboard
  2. Go to "Dashboard" → "Updates"
  3. Update WordPress to the latest version
  4. Update all plugins and themes
  5. Delete any plugins or themes you don't use

Step 5: Check for Suspicious User Accounts

Hackers sometimes create fake admin accounts to regain access later.

  1. In WordPress, go to "Users" → "All Users"
  2. Look for any user accounts you don't recognise
  3. Delete any suspicious accounts immediately
  4. Make sure your admin username is not "admin" - this is easy for hackers to guess

Step 6: Install Security Measures

To prevent future attacks:

  1. Install a security plugin like Wordfence or Sucuri Security
  2. Enable two-factor authentication if available
  3. Only install plugins from the official WordPress directory
  4. Keep WordPress, themes, and plugins updated regularly

Read our WordPress Security Best Practices guide for more detailed security tips.

Step 7: Monitor Your Site

Check your website daily for the next week to make sure the hack hasn't returned. Look for:

  • Strange pages or content
  • Unexpected redirects
  • Slow loading times
  • Security warnings from browsers

If you're still stuck or the hack returns after following these steps, contact Web60 support immediately with details about what you've tried.

FAQ

Q: How do I know if my website is actually hacked?

A: Common signs include strange content appearing on your site, redirects to other websites, browser security warnings, or your site being blocked by Google. Your website might also load very slowly or show error messages.

Q: Will restoring from backup delete my recent content?

A: Yes, restoring from backup will remove any content added after the backup date. If you added important content recently, you may need to recreate it after the restore.

Q: How far back should I go with backups?

A: Choose a backup from at least 2-3 days before you first noticed the problem. Sometimes hacks exist on your site for days before becoming visible.

Q: Can I clean the malware without restoring from backup?

A: While possible, it's much more difficult and time-consuming. Malware can hide in many files, and restoration from a clean backup is the most reliable method.

Q: Why did my site get hacked?

A: Common causes include outdated WordPress/plugins, weak passwords, insecure themes, or vulnerabilities in plugins. Following security best practices significantly reduces your risk.

Q: Will this happen again?

A: Not if you follow good security practices. Keep everything updated, use strong passwords, install security plugins, and avoid suspicious themes or plugins from unknown sources.

Q: How long does website restoration take?

A: Backup restoration usually takes 10-30 minutes depending on your website size. Your site may be temporarily unavailable during this process.

Last updated: 1 March 2026

← PreviousSearch Function Not WorkingNext →Site Running Slowly - Performance Tips

Still need help?

Contact our support team for personalised assistance.

Contact Support