[FIXED BUG] mod_rewrite stopped working. All pages on WordPress sites show 404
How to manage Plesk extensions (install, disable, remove, update)
Mail stuck in queue when Plesk Email Security installed on SELinux enforced server
Node.JS: Class 'CommonPanel_Validate_FileSharing_FolderName' not found
[BUG] RapidSSL and GeoTrust paid SSL certificates provided by SSL It! extension are not supporting www and SAN
Unable to update Wordpress: WordPress version requires PHP version 5.6.20 or newer
[FIXED BUG] Amavis is not installed/removed along with Plesk Email Security
Server with Plesk Email Security no longer sends/receives emails: [127.0.0.1]:10024: Connection refused
Unable to access SSL/TLS Certificates for a domain: Argument 3 passed to BaseComponentChecker::getCertificateStatus() must be an instance of PleskExt\SslIt\Certificate
[FIXED BUG] Unable to access the SSL/TLS certificate page: Reduce of empty array with no initial value

See more

What to do if Wordpress website is hacked or infected?

Vladimir Chernikov

Updated May 28, 2020 13:08

Plesk for Windows Plesk for Linux kb: how-to

Applicable to:

Plesk for Linux
Plesk for Windows

Question

What to do if Wordpress website is hacked or infected?

Answer

Plesk itself could not stop website hacking, especially when the website code is vulnerable. If the website is hacked or infected:

Contact third-party information security experts in order to identify the source of the attack, confirm that it is a not false positive detection and clean up infected files.
Reset all system users passwords (FTP users), Plesk users passwords, WordPress users passwords
Update web applications like WordPress, Joomla, etc up to date and their plugins.
Follow Plesk security best practices

Additional information

How to secure WordPress in Plesk?

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request