Cleanup a hacked wordpress site

Getting hacked is the worst nightmare anyone could have. And having been experienced it already is even more horrifying ! Yes you got me right, my website was hacked maybe a month since I moved to WordPress. Lucky that it wasn’t a large scale one, but still no body would like that. Lucky enough that my users,friends,colleagues didn’t get to know about it.(Even if they did, no body informed me for whatever reason maybe)

Anyways, after going through a bunch of articles, realized that this was kind of a common hack. What this hack did was, it replaced the 404 error page with a script that would do nonsense stuff instead of displaying the error.

First of all, finding this is a real hectic job. I as an experienced and *professional* web developer straight away started with checking the .htaccess files for any infiltration. Found nothing. Moved to checking the logs, checking the databases. After seeing the error, realized that this generated every time a wrong/invalid link was opened. Hence, realized there was some fault with the 404 error page. Quickly checked the default 404 page and everything looked alright.

Then realized that every theme in WordPress has its own 404 page. One can look for it under Appearance -> Theme Editor / Editor.

Locating the theme specific 404 page.
Locating the theme specific 404 page.

Once you get here, you will immediately recognize that something is horribly wrong with the code. Until unless you are extremely newbie, you will definitely find something fishy. For all the newbies, if you find any suspicious links to other website, some erratic codes that are not at all related to your website’s functionality then there’s a problem.

Simply deleted the contents from this file. If you have the original files, replace the contents and voila, votre site est claire ! aka your website is clean !

But, if the hack is something else, the only option would be to backup all the contents, databases, themes etc basically the whole WordPress folder. Delete the directory and install a fresh copy of WordPress. Simply upgrading the package won’t do the job, as it only updates the WP files and hence may leave the infected files as it is.

So, as it is said, Person learns from his experiences. This was probably the most horrifying experience I’ve ever had. But nevertheless, another experience added to my mountain of experiences !

Feel free to contact in case of any queries !

About Atulmaharaj

A seasoned blogger and a content marketer for close to a decade now. I write about Food, Technology, Lifestyle, Travel, and Finance related posts. Blogging brings me joy and the best part is I get to read and e-meet so many amazing bloggers! PS: I'm also the founder for Socialmaharaj.com :) Favorite Quote: "Traveling is like reading a book, one who hasn't traveled, hasn't turned a page.

Check Also

Siteground Hosting Renewal Charges

Shockingly high Siteground renewal charges !

Rs 1500 is the amount that I had paid for a year of hosting for …


  1. Thank you for sharing,this is a nice and helpfull post.Here fixrpress.com is also providing the best service for hacked wordpress site. If any body have hacking problem, then he/she can contact us.Fixpress is one of the leading companies who provide answers to all your questions related to hacking especially this one, how to fix a hacked WordPress website?

  2. Sorry to hear about your horrifying experience! My site was also defaced by hackers for a week before my customers told me about it. The site monitoring service that I was using didn’t check for content. It just pinged the server to make sure that it’s alive.

    I then switched to Content Site Monitor (http://www.contentsitemonitor.com) which allows me to specify content keywords that I want to check. Now I get email notification when the content is missing (or when the site is down) and I get another notification when the site is back up and running again.

    You should sign up for a free account and use it to monitor your website.

Share your thoughts

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: