What should you do if your WordPress website was hacked?

Restore/Recover site after hacking


Countless WordPress-based websites are hacked every day. This happens because WP and all of its plugins are open-source, so many bad people use the “holes” and “issues” to their advantage and hack websites. If you were a victim, you have to do the following steps. (Note: if you miss any step, your site will possibly remain hacked.)

  • First, report the malicious plugin/theme to plugins[@]wordpress.com or to the theme/plugin developer company itself. Also, post the issue on the WordPress forums to warn others.
  • Delete that file immediately.
  • Delete all suspicious **plugins** and **themes**. Remember the list of TRUSTED plugins you have installed and the TRUSTED theme name (continue reading).
  • Back up the database (export it to your PC) and delete the database from the MySQL server.
  • Change the password and database name on the MySQL server.
  • (Not required, but strongly recommended): Change your WP login password. If you used that password somewhere else, change it everywhere (because your password may have been grabbed already).
  • Back up only the wp-content/uploads folder (if you have a custom theme or something similar, back it up too), and delete everything from public_html.
  • Check the uploads folder (or other folders you backed up) for any .php or other server-side files. If it is clean, put that folder back on the site.
  • Now check your exported database (SQL) file carefully. See if there are extra/suspicious tables, an EXTRA USER added, or a suspicious cron job created.
  • Import the revised SQL database into the newly created database (with a different username and password, as I’ve said). Before importing, you can replace your admin password in the wp_users table with $P$B1oYQ3msvVDfFRDwiCY6lViBGmiXMT/ (this is the password a; you should change it as soon as you enter your site for the first time).
  • Reinstall a clean WordPress installation on your site (if you use an old version of WP, please install the NEWEST VERSION).
  • Install only those “Trusted” plugins and theme.
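
For the "check uploads" step above, an added example (not part of the original post): a Python script that walks the backed-up uploads folder and lists every file that needs review before the folder goes back on the site. The function name `scan_uploads` and the extension list are assumptions of this example; extend the list for your server stack.

```python
#!/usr/bin/env python3
"""Scan a backed-up wp-content/uploads folder before restoring it."""
import os
import sys

# Extensions a web server may execute (assumed list, not exhaustive).
SERVER_SIDE_EXT = {".php", ".php3", ".php4", ".php5", ".php7", ".phtml", ".phar",
                   ".pht", ".cgi", ".pl", ".py", ".sh", ".asp", ".aspx", ".jsp"}
# Per-directory config files that can change how uploads are served.
CONFIG_NAMES = {".htaccess", ".user.ini", "php.ini"}


def scan_uploads(root):
    """Return a sorted list of (relative_path, reason) for files needing review."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            lower = name.lower()
            # Check every dot-separated part so "logo.php.png" is caught too.
            parts = {"." + p for p in lower.split(".")[1:]}
            if lower in CONFIG_NAMES:
                findings.append((rel, "server config file"))
            elif parts & SERVER_SIDE_EXT:
                findings.append((rel, "server-side extension"))
            elif os.path.islink(path):
                findings.append((rel, "symbolic link"))
            else:
                with open(path, "rb") as fh:
                    data = fh.read(1024 * 1024)  # first 1 MiB only
                # Long PHP open tag only; short tags (<?=) are not detected.
                if b"<?php" in data.lower():
                    findings.append((rel, "PHP tag inside file"))
    return sorted(findings)


if __name__ == "__main__":
    results = scan_uploads(sys.argv[1] if len(sys.argv) > 1 else ".")
    for rel, reason in results:
        print(f"REVIEW  {rel}  ({reason})")
    sys.exit(1 if results else 0)  # non-zero exit: folder is not clean
```

Run it with the path of the backed-up folder as its only argument; an empty result only means nothing matched these checks, so still look over anything you do not recognise.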

This is a short description of the steps needed to recover your site after a hack. It may be a hard process, but if you want safety, you should do it. Otherwise, your site will remain hacked!
