Skip to content
GXN WEB / INTERVENTION

GXN://WordPress incident

A hacked website requires calm, backups, and a precise sequence.

Do not immediately delete everything. Isolate the incident, preserve evidence of entry, and protect neighbouring accounts before rebuilding a clean version.

01

Limit exposure

Contact the host, put the site into maintenance when necessary, and stop sensitive transactions. Do not trust a merely normal-looking page.

02

Preserve a copy

Keep available files, database, and logs before cleanup. They help reveal scope and prevent the same entry point from returning.

03

Rotate access

Change passwords from a clean device, revoke unknown accounts, rotate keys, and inspect email, domain, and hosting access.

04

Clean, then correct the cause

Restoring a backup is insufficient when a vulnerable plugin, compromised account, or configuration remains. Then verify the site, search engines, and critical journeys.

Keep in mind

This guide provides a general starting point. A diagnosis must account for the actual site, access, data, and constraints before any change.

NEXT ACTION

Describe the problem. The right engagement starts there.

GXN will assess the situation, urgency, and desired outcome before recommending an intervention.

Request a diagnosis