What to do if your WordPress site is hacked

WordPress is an extremely popular web platform, and because of its popularity it is often the target of hackers looking to “take over” pieces of your site for their own benefit. Hackers like to maximize the effect of their work, so they’ll often target widely installed plugins or themes with known security vulnerabilities. In most cases, your site was not targeted specifically, but was hacked because of some vulnerability in a plugin or theme installed on your site.

We do our best to make our themes secure at The Theme Foundry, and in general premium themes are not a likely place for hackers to spend their time. However, if you ever discover any vulnerabilities in our themes, or just think that your site was hacked because of something in our themes, please send an email to info [at] thethemefoundry.com and we’ll look into it right away.

If your site is hacked, we’ve assembled some resources to help you get up and running again. Even if your site has not been hacked, many of these articles cover security topics that are helpful for anyone in charge of a WordPress website.

• WordPress.org FAQ – My site was hacked
• How to completely clean your WordPress installation
• Removing backdoors from hacked sites
• A free site scanner from Sucuri
• An explanation of WordPress’s vulnerabilities and security tips from Sucuri