Help! My WordPress Website Might Be Hacked: A Non-Technical Guide to Recovery

As a WordPress website owner, it can be scary to think that your website might have been hacked. Don’t worry; you’re not alone, and there are steps you can take to protect your site and get it back on track. In this guide, we’ll walk you through simple, non-technical actions to follow if you suspect your WordPress website has been compromised.

Step 1: Take a Deep Breath and Stay Calm

The first thing to do is to take a deep breath and try to stay calm. While discovering a potential hack is alarming, remember that many website owners have faced this issue and resolved it successfully. Time is of the essence, so don’t delay on this however.

Step 2: Look for Signs of Suspicious Activity

Take a close look at your website for any signs of unusual behavior. This might include strange content, unfamiliar links, or error messages on your pages. Also, check if your website is slow or behaving differently than usual.

Step 3: Notify Your Hosting Provider

If you suspect a hack, it’s essential to contact your hosting provider right away.

Step 4: Change Your Passwords

To protect your website, change all your passwords immediately. This includes your WordPress login, hosting account, and any other website-related services. Create strong passwords using a mix of letters, numbers, and symbols.

Step 5: Look for Help from Security Plugins

Even if you’re not a technical expert, there are security plugins available that can help you identify and remove malicious files from your website. Consider installing plugins like Wordfence or Defender to scan your website for potential issues.

Step 6: Keep Everything Updated

Outdated software and plugins can make your website vulnerable to attacks. Make sure to update your WordPress installation, themes, and plugins regularly. This simple step can prevent many hacking attempts. ClikIT Care can help you keep everything updated!

Step 7: Restore from Backup

If you have backups of your website, restoring to a previous clean version might be a good solution. Check with your hosting provider or website builder on how to do this or seek help from a technical friend.

Step 8: Strengthen Your Website Security

This might include adding a security plugin, enabling two-factor authentication, and limiting login attempts.

Step 9: Regain Trust with Search Engines

If your website got blacklisted by search engines, you can request them to review your site once you’ve resolved the issues. Check with your hosting provider or a technical friend for guidance on how to do this.


While discovering a potential hack on your WordPress website can be distressing, remember that there are steps you can take to recover and secure your site. Stay calm, notify your hosting provider, change your passwords, and seek help from a WordPress maintenance agency such as ClikIT Care. With the right actions, you can safeguard your website and get back to sharing your content with the world.