How to Clean a Hacked WordPress Site?

So your WordPress Site has been hacked! Don't worry, you are not alone.

Your WordPress Site can be cleaned and fixed so can get it up and running again. In case you are contemplating switching to another platform, like Joomla or Drupal – know that they can be hacked too.

Get cWatch Pro

The first step to cleaning and fixing your WordPress site is to determine that it has indeed been hacked, and that the problems you’re seeing are not a false alarm caused by some hardware or software issues.

How to Clean Hacked Wordpress Site

Symptoms of hacked WordPress Site

  1. Browsers block your websit, and display a warning about malware infection - such as "The Website Ahead Contains Malware!"
  2. Your website gets suspended by your website host due to malicious activity
  3. Abnormal behavior of browsers when displaying your website
  4. You observe/detect foreign code in your website - code that you had not put in. Files have been modified affecting core integrity
  5. Search engines display blacklist warnings

If your site displays any of the above symptoms, you can be sure that it has been hacked.

How to Clean a Hacked WordPress Site?

  1. Backup
  2. Scan your website using Comodo Web Inspector tool
  3. Install Comodo cWatch Web Security


Perform a complete manual backup of your WordPress website, even if you have an automatic backup in place. This backup will allow you to analyze how the infection took place.

Scan your website using Comodo Web Inspector tool

This advanced tool utilizes cloud-based malware scanning technology to scan your website, inspect the content and detect any malware. The Comodo Web Inspector scans and detects using multiple technologies such as dynamic page analysis, signature-based detection, buffer overflow detection, and heuristic detection techniques.

Install Comodo cWatch Web Security

Next, get Comodo cWatch Web Security and install it on your system. You must purchase a license, and Comodo offers a 30-day free trial license for you to try the product.

Comodo cWatch Web Security is a fully managed cloud-based security solution. It has a robust web application firewall that will block advanced threats including Denial-of-Service (DDoS), SQL Injection and Cross-Site Scripting attacks. It also blocks application targeting attacks such as attacks on WordPress and Joomla websites.

Add the Hacked WordPress site in the facility to “Add Websites.” Select the http protocol, enter details of the certificate to be used and complete the configuration.

The dashboard will now display the added websites/domains. The risk level of the domains will also be displayed.

Now configure your domain for cWatch scanning:

  • Upload the mentioned .php file to your website
  • cWatch will now access the file at this location and commence scanning of the hacked WordPress website
  • If you opt for automatic malware removal, certified experts from Comodo Cyber Security Operation Center (CSOC) will remove all of the identified malware threats
  • The cWatch scan will display the vulnerabilities identified on your website. This will allow you to fix the vulnerabilities and secure your website from further hacks.
  • Search engines display blacklist warnings

Log Analysis

You can raise a request for CSOC experts to analyze your logs to identify details about the hack.

Request for Revoking Suspension

If your hacked WordPress Site head been suspended by your Hosting Company, then contact them to revoke the suspension.

Updated Software/Plug-ins, Unwanted Profiles
  • Update all the plug-ins and themes that you are currently using. Your website must only have the theme that you installed, not anything else. Delete unused WordPress plugins, themes, and installations. Maintain only what is necessary.
  • Remove user profiles not being used. Maintain only one administrator role and remove all other profiles.
  • Avoid hosting your website with a shared hosting provider. If other websites on the same server have been compromised, then it could allow hacking of your website through escalated privileges.

Complete Protection

Once you have opted for managed security services of Comodo cWatch Web Security, your hacked WordPress website gets fixed and stays completely protected from hacking/cyber attacks.