What to do if my WordPress site is hacked?

Perfection is a myth! There’s no hosting out there that can promise to be completely hack-proof. It’s always better to be ready for the worst and back up and update your WordPress site as regularly as possible! 

But, how would you know if your WordPress site has been hacked?

Signs your WordPress site is hacked

  • You can’t log in. Hackers sometimes delete users or change passwords to prevent access. If you’re unable to reset your password, your user account could have been removed. This is a sign of hacking.
  • Your site is redirecting to another site. This will probably be a site you don’t want your users being taken to.
  • When browsing your site, you get a warning in your browser.
  • Google search gives a warning that it may have been hacked.
  • Your site has changed without you having done anything.

If you are still unsure, you can scan your site with external services like or

Recommended first steps:

  1. Stay Calm.
  2. Restore a backup: 1 click with wetopi.
  3. Verify your backup is clean.
  4. Promote to production this clean restored server: 1 click.
  5. Contact our support team.

The first three steps will help you to publish a clean site in a few minutes.

With this simple process, your users will browse a clean version of your site while our team can work privately in the infected one.

If you need help with your hacked site, ask for help at wetopi

Migrate your hacked site to wetopi

If you aren’t an existing Wetopi client, to save yourself the hassle of all the steps below, you can purchase our Wetopi malware removal service for a one-off fee of 100€.

At wetopi, we migrate your hacked site for FREE and clean it for you at the same time.
Request your free migration now
Limited to our security-team buffer-time

limited offer

Wetopi Guarantee!

In the rare event of a site getting hacked at wetopi, our incredible support team of WordPress experts will quickly and carefully remove the malware for you for free.

if you are a Wetopi client, this is included in your plan:

  • Free from Hack Guarantee –We will fix all hacked site for free
  • Backups included–We keep website backup, we can rollback your site instantly
  • Prevent future attacks– You don’t need to bog down your server resources with Firewall plugins. All plans provide dedicated external WordPress WAF and blacklisting feeds filtering non-legit traffic.
  • Secure checks – We scan your server files to identify malware.
  • 24/7 Support–Once onboard you get assigned to a wetopi engineer.

And one final recommendation, just in case:

Your credentials may have been compromised

One way websites get hacked is if your login details are compromised or leaked from hacks in other sites. We are creatures of habit, and we tend to use the same login details on multiple websites.

Check if known public breaches have ever compromised your login credentials at

Have I Been Pwned was created in 2013 by Troy Hunt, a security expert, to provide the general public a means to check if their private information has been leaked or compromised?

At wetopi, we want to minimize the friction that every professional face when working and hosting WordPress projects.

In short, we are just techies passionate about WordPress. With wetopi, a specialized WordPress hosting, we want to go further to offer professionals and agencies a platform to work efficiently and effectively.

Not a wetopi user?

Try now – you’ll find an efficient way to work with WordPress

Free full performance servers for your development and test.
No credit card required.

Anand KumarWhat to do if my WordPress site is hacked?
Share this post