🔥 Limited-time deal: 20% OFF any Hostinger plan with code QGNAFFBUSPYA

My Website Got Hacked: What to Do Next

Updated June 2026 · 5 min read · Troubleshooting

Discovering your website has been hacked is unsettling, but acting in the right order limits the damage and speeds up recovery.

Step 1: Don't panic-delete anything yet

Before making changes, take note of what looks wrong (strange redirects, unfamiliar admin accounts, defaced pages) so you can investigate properly.

Step 2: Restore from a clean backup if you have one

If you have a backup from before the hack, restoring it is usually the fastest path back to a working site. This is why regular backups matter — many Hostinger plans include them automatically.

Step 3: Change all your passwords

Update your hosting account, domain registrar, and website admin (e.g. WordPress) passwords immediately, in case credentials were exposed.

Step 4: Update everything

Outdated plugins, themes, and core software are common entry points. Update everything to the latest version once your site is clean.

Step 5: Scan for lingering malware

A scan helps confirm the hack is fully removed, not just hidden. Many hosting providers offer security scanning tools or can recommend one.

Step 6: Review who has access

Remove any admin accounts or access you don't recognize or no longer need.

Built-in protection: Hostinger includes security monitoring tools on hosting plans, 20% off with code QGNAFFBUSPYA.

See secure hosting plans