Friday , February 26 2021
Breaking News

How To Fix Your Hacked WordPress Site?

hacker Recently there has been a onslaught of wordpress hackers who are out to destroy your marketing efforts on your wordpress blogs. These people are usually disgruntled bloggers who enjoy hurting others, instead of actually helping the online community grow and prosper. Their modus operandi is to destroy. Being the psychologist expert that I am, these people have very low self esteems.

Then there are people who set up bad bots. These are automated hacking bots that search the net for wordpress sites that are not secure and will spam your site like crazy, and your email…which will bring your site down real fast.

What is hurtful to your site is that if you wait too long to fix it, Google’s spiders will crawl your site and will not like what they see, and it will index, and you will lose a lot of your rankings. So, you have to act fast.

So, how do you quickly recover your wordpress blog from a hacker that has put our site to a halt, changed your wp admin passwords, put a virus in your wp files, and you simply don’t know what to do?

These are the steps you can quickly take. I do have a complete wordpress security video series in my and courses, but these are some fast steps.

Step One – Using your ftp software, reinstall your wordpress theme files

Step Two – You need to recover your wp admin password, which the hacker has changed. This is how you do that:

A. In your Cpanel, go to myphpadmin, and edit your wp_user file. Change your email address to one that is yours and working. Click Save.

B. Go to your login at and click on the “Lost Your Password?” link. Your password reset link will be sent to your inbox email that you set up in myphpadmin.

C. Go to your inbox and click on the password reset link that wordpress sent to you. Your new password will be sent to your inbox. Get the password, and login to your wordpress dashboard. WordPress will ask you if you want to change your password as soon as you login. You will want to do this, and use a password that only you know.

Step Three –  Many hackers are using wp-cron.php to get into your blog. Using your FTP software, delete this file, which is located on your root of your blog.

I hope this has been helpful to you. If you want a complete video series on protecting your wordpress blog and securing your wp site, don’t hesitate to contact me. It is a 9 video series, and includes a pdf, and extra files are included to protect your site from bots and hackers: htaccess, robots.txt, and index.html

Make a comment below. Has your site ever been hacked?

About Mark Dulisse

Software Developer, Blogger, SEO Consultant, Internet Marketer

Check Also

Increase Quality Score With Footer Links

Google is currently reviewing many new adwords campaigns, including your landing pages. I recently added …


  1. Hi Mark,
    Thanks very much for the heads-up on WP 3.0. You sent out an email a week or so ago advising us NOT to upgrade, and it looks like that was great advice.

    Yes, a year or so ago I had my guest book hacked that I had on one of my sites hacked. It felt as if someone had broken into my house. I remember emailing the provider of the guest book and being told something like – tough luck – upgrade to the next version.

    I think the best idea against hackers is to have a good defense installed BEFORE the find you. Your suggestions in “Dominating Google” are excellent. You also suggest RoboForm, which has a “generate password” feature which lets you generate all sorts of random passwords (no more silly 4 letter-number passwords). Yep, it generates monster passwords and them saves them for you. (I suggest you put your Roboform saves folder on an external hard drive, and then back it up to several places so you don’t lose all those saved passwords in case of HD crash).

    Anyway, thanks for what you do! It’s appreciated, and I’m a very happy customer.


  2. Very timely article Mark and thank you for the prompt and excellent attention that yuo gave me yesterday when my site was attacked.

  3. Yeah, I had the same problem some time ago too, so I spent some time researching how to protect my blogs. There are actually many plugins which will help you to protect your blogs easily. I’ve posted the summary on my blog:

    Ever since I didn’t have any hacking problems.

  4. That’s a very timely post! I had some friends in the fitness industry get crushed. Now I know where to send them! 🙂


  5. Hi there.
    Oh yes, my site was hacked and I had no idea how to even get to to root of the problem. It was hacked into and wrecked by some clown who named themself ‘silver fish’
    Anyway I want to thank you Mark for sorting it for me and am how taking your advices on how to protect myself from further tresspassers.
    I have now idea how youi sorted it and because of my inexperience probably would have lost the site.
    Thank you so much
    Geoff Norman

  6. Awesome post Mark. I had my admin taken over 4 times in 2 days on one site but had to consult tech support to find and remove exploit. In the process of trying to fix it myself I reinstalled the site from scratch and even started with no content. That turned out to be a plus as the site was bloated with thousands of pages which included irrelevant content as a result of auto-posting. On a competitive search term that I was never able to rank decently on I ended up on page one of google after all the updates. I manually posted unique seo articles on a term that I am advised to forget even trying to rank for by other ‘seo experts’. The term is ‘the Holy Spirit’ in case you are wondering which was a personal goal more then a profit objective. For churches of course this represents profit potential. I don’t represent any church or truth for money organizations. Just have my own opinions to share about the subject that I wanted to share on the blog.

  7. Mark,
    Amazing post with invaluable content. And, yes, the above site was hacked into about eighteen months ago. It was my first blog and had about 150 posts with Adsense on each post. I was using Google Conquest to build and manage my blogs, and their tech people fixed it–by cuttiing out about half the posts with no means or recovering them. Much of the Adsense code had also been deleted, so I replaced it, and added some new posts.

    But the site’s never been the same since. Google’s Adsense tracking measures only about a third of the traffic, and while I was getting decent Adsense revenue before, there’s barely a trickle now, and I get about 150 visitors a day.

    So I’ll take your directions and see if I can recover any of what worked earlier.
    Tom O’Boyle

  8. As for deleting the wp-cron file, can it just be renamed? Is this not an important file for updating, etc.?

  9. @mark,
    Thanks for your article about Fixing Hacked WP Sites.
    Can you please suggest some good plugins for Prevent Hack..


  10. Very grateful for this “How to Fix your Hacked WordPress site”, because I now have my site working again by following these wonderfully simple instructions. Thank you.

  11. Thank you very much to tell me how to fix my hacked WordPress site. now my site is fix and didn’t show hacker’s homepage anymore after following your instructions.

  12. thank you very very much for this! 🙂

  13. You saved me having to completely wipe and reinstall all my content with your AWESOME and SIMPLE instructions for recovering my account by logging in and rechanging my password.

  14. my wp is hacked. can you help?

  15. After cleaning up your site, its a good time to evaluate the plugins that are running on your site.

    You can use the P3 profiler to audit the existing plugins. Then you can remove the slowest plugins which provides a speed boost to your site and minimizes the chance of a plugin / theme conflict.

    I’ve also heard great things about Cloudflare for improving the speed and performance of your WordPress site.

Leave a Reply

Your email address will not be published. Required fields are marked *

CommentLuv badge
This blog uses premium CommentLuv which allows you to put your keywords with your name if you have had 3 approved comments. Use your real name and then @ your keywords (maximum of 3)

Sign up to newsletter