User Question: What are your preferred methods of restoring a hacked WordPress site?

This question comes from a user whose site recently got attacked with malware. Before reading the answer, please do read How to remove malware from a hacked WordPress site.

Depending on what needs restoration, this question can have multiple answers:

However considering that you have removed all your WordPress installation files, you’ll need to restore the files from a known-good backup.

In an ideal situation this means that your database remains intact. This includes your settings, posts, pages etc.

Instead of reinstalling WordPress you’ll need to extract the files from the backup.

  1. Make sure that wp-config.php in the root of your installation has the correct settings.
  2. Point your browser to <yourwebsiteurl>/wp-admin/upgrade.php. This will make sure that a database upgrade runs.
  3. Log into the website admin area.
  4. Purge the cache.
  5. Verify that you have the required theme and plugins active.
  6. Visit the permalinks settings once. This will create a .htaccess file or verify and update it if one already exists.
  7. Visit the front-end of the website and verify that all is well.
  8. Log into Google Search Console and head over to URL Inspection Tool.
  9. Enter the URL of the homepage or select any URL of your website.
  10. Click on “Test Live URL”.
  11. Click on “View Tested Page”.
  12. Very the site in “Screenshot” and “More Info” tabs.

That’s pretty much it! If you need help with this part of the process checkout our Malware Removal Service.