Your website got hacked. Here's what to do.
Discovering your site's been hacked is a stomach-drop moment — but panic is the only thing that makes it worse. There's a calm, well-worn path from compromised to recovered, and the sooner you walk it methodically, the smaller the damage.
First: contain it
Move fast to stop the bleeding. Take the site offline or into maintenance mode so it can't harm visitors or spread. Change every password — hosting, admin, database, email. If customer data may be involved, note the time and what you saw; you may have notification obligations later.
Then: assess and clean
Figure out what happened — scan for malware, check what was changed, identify how they got in (usually an outdated plugin or a weak password). Remove the malicious code completely; a half-clean site gets re-infected within days. This is the step where professional help usually pays for itself.
Recover from a clean backup
This is the moment backups prove their worth. Restore from a known-good copy from before the compromise, then re-apply any legitimate recent changes. If you don't have clean backups, recovery is slower and far more painful — which is the whole argument for having them before you need them.
Then: close the door for good
Recovery isn't done until the original hole is sealed. Update everything, rotate credentials, add two-factor authentication, and put monitoring in place so a repeat is caught instantly. Most re-hacks happen because the entry point was never fixed; don't be that statistic.
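For the "check what was changed" step and the known-good backup described above, here is one way to list exactly which files differ between the backup and the live site. This is an added example, not part of the original article; the function names and the small constructed sample trees in demo() are assumptions.

```python
import hashlib
import os
import tempfile


def hash_tree(root):
    """Map each path under root (relative) to a SHA-256 digest of its content."""
    digests = {}
    for dirpath, dirs, files in os.walk(root):
        # Symlinked directories show up in `dirs`; os.walk does not descend into them.
        links = [d for d in dirs if os.path.islink(os.path.join(dirpath, d))]
        for name in files + links:
            full = os.path.join(dirpath, name)
            h = hashlib.sha256()
            if os.path.islink(full):
                # Hash the link target itself instead of following it out of the tree.
                h.update(b"symlink:" + os.readlink(full).encode())
            else:
                with open(full, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        h.update(chunk)
            digests[os.path.relpath(full, root)] = h.hexdigest()
    return digests


def compare_trees(backup_root, live_root):
    """List files added, removed or modified in live_root relative to the backup."""
    backup, live = hash_tree(backup_root), hash_tree(live_root)
    return {
        "added": sorted(set(live) - set(backup)),
        "removed": sorted(set(backup) - set(live)),
        "modified": sorted(p for p in set(live) & set(backup) if live[p] != backup[p]),
    }


def demo():
    """Run the comparison on two small constructed trees (not real site data)."""
    def build(root, files):
        for rel, body in files.items():
            os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
            with open(os.path.join(root, rel), "w") as fh:
                fh.write(body)
    with tempfile.TemporaryDirectory() as backup, tempfile.TemporaryDirectory() as live:
        build(backup, {"index.php": "<?php home();", "inc/db.php": "<?php db();", "robots.txt": "ok"})
        build(live, {"index.php": "<?php home(); extra();", "inc/db.php": "<?php db();", "uploads/x.php": "<?php"})
        return compare_trees(backup, live)


if __name__ == "__main__":
    print(demo())
```

Call compare_trees with the restored backup directory and a copy of the offline site's web root. It covers files only, so database content needs its own review.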
Hit now, or want to never be? We'll audit and harden your site.
Editorial. DigiVino, June 2026.
