[FIXED BUG] mod_rewrite stopped working. All pages on WordPress sites show 404
Mail stuck in queue when Plesk Email Security installed on SELinux enforced server
Cannot change Node.js application root in Plesk: Class 'CommonPanel_Validate_FileSharing_FolderName' not found
RapidSSL and GeoTrust paid SSL certificates provided by SSL It! extension are not supporting www and SAN
Unable to update Wordpress: WordPress version requires PHP version 5.6.20 or newer
Amavis is not installed/removed along with Plesk Email Security
Server with Plesk Email Security no longer sends/receives emails: [127.0.0.1]:10024: Connection refused
Unable to access SSL/TLS Certificates for a domain: Argument 3 passed to BaseComponentChecker::getCertificateStatus() must be an instance of PleskExt\SslIt\Certificate
Unable to open Composer extension for a Plesk domain: Could not open input file: /usr/local/psa/var/modules/composer//composer.phar
Unable to access the SSL/TLS certificate page: Reduce of empty array with no initial value

See more

What to do if Wordpress website is hacked or infected?

Vladimir Chernikov

Updated November 03, 2020 20:40

Plesk for Windows Plesk for Linux kb: how-to ABT: Group B

Applicable to:

Plesk for Linux
Plesk for Windows

Question

What to do if Wordpress website is hacked or infected?

Answer

Plesk itself could not stop website hacking, especially when the website code is vulnerable. If the website is hacked or infected:

Contact third-party information security experts in order to identify the source of the attack, confirm that it is a not false positive detection and clean up infected files.
Reset all system users passwords (FTP users), Plesk users passwords, WordPress users passwords
Update web applications like WordPress, Joomla, etc up to date and their plugins.
Follow Plesk security best practices

Additional information

How to secure WordPress in Plesk?

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request