English (US) 日本語
Submit a request

Technical question Licensing question
Sign in

Throbber (refresh) icon keeps spinning in the Log File Analyzer of SEO Toolkit in Plesk
Plesk DigitalOcean DNS extension is creating records with the duplicated domain name
Plesk monitoring extension shows empty graphs: origin not allowed
Cannot issue a Let's Encrypt certificate: The Let's Encrypt extension is no longer available. To issue SSL/TLS certificates, install the SSL It! extension
Plesk WordPress Toolkit 5.9.2 and above does not detect instances that were detached
ModSecurity Atomic rules update or activation fails: modsecurity_ctl failed: Atomic Updater Modified (AUM) Installer (v6.0.0)
Unable to update WordPress via WordPress Toolkit when the instance language is not English: Failed to update selected items. Release not found.
Let's Encrypt will revoke certificates validated with the TLS-ALPN-01 challenge. Will this affect Plesk?
Watchdog script "secur-check" fails in Plesk: Zend_Exception: No entry is registered for key 'container'
WordPress instance in Plesk is marked as broken: Warning: require_once(): open_basedir restriction in effect

See more

What to do if Wordpress website is hacked or infected?

Vladimir Chernikov

Updated December 09, 2021 16:30

Plesk for Windows Plesk for Linux kb: how-to ABT: Group B

Applicable to:

Plesk for Linux
Plesk for Windows

Question

What to do if Wordpress website is hacked or infected?

Answer

Contact third-party information security experts in order to identify the source of the attack, confirm that it is a not false positive detection and clean up infected files.
Reset all system users passwords (FTP users), Plesk users passwords, WordPress users passwords
Update web applications like WordPress, Joomla, etc up to date and their plugins.
Follow Plesk security best practices

Additional information

How to secure WordPress in Plesk?

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request