One thing that is very common among businesses is that their sites have got hacked, one time or the other. However, the symptoms of hacking are different from one case to another. Some of the problems faced by users when a Wordpress site gets hacked are –

 Redirection to a website that has never been seen before
 Getting flagged by Google as malicious
Posting of sexual or dating site related posts and redirects, and many others

If there is a symptom of disease, there must be a cure. This is where managed services of Wordpress hosting comes so handy, especially in cases of hacked sites.

Until and unless you are a tech geek or a technology/IT professional with immense hands-on experience on computer languages and scripts, it is nearly impossible for you to stock hacking attack or even clean your site from malicious content, posted by the hacker. In this article an attempt will be made to not only identify the malicious content fast but also the ways to remove them. Here, you will also get ideas about the steps that can be undertaken for preventing hacker attack again.

Are you seeing a “403 Forbidden” Error?

This error is generally displayed when a managed Wordpress hosting service provider has identified the malicious activity and have disabled the site temporarily for getting rid of the malicious content. Disabling a site is not an easy decision to make, neither for the owner nor the managed service provider. Such decisions are taken only when there is an emergency and to stop the malicious activity to adversely affect your website’s ranking at Google.

How to Get Rid of the Malicious Content?

For getting rid of the malicious content, the first thing that is needed to be done is granting access permission of your computer to the website so that you can identify and rectify the problem.

 Giving yourself Permission

You have to know your computer’s IP address. This typical digitized address is the unique number your computer is able to identify you on internet. You can know this by visiting IP identifying sites such as Once you know your IP address, you have to jot this down so that you can use it in further steps.

Now, the IP should be able to access your site. For this, you need to make some small changes at the “.htaccess file”. This step is known as allowing IP access. Locate the “File Manager” first in the cloud control panel. Once located, open the “.htaccess file” in the “public_html” folder. Now, you have to block your visitors from accessing your website so that they don’t have to see the malicious content or get affected by that. Now add “deny from all” to block users from visiting your website. Once deny from all is written, it will also block the same from you, i.e. your computer. However, you have to do the work. That’s why you need to give access to the site to yourself. You can grant your computer access by writing “allow from*your IP address*”. Once done, you can access the Wordpress admin panel and that’s too from your computer (whose IP address has been entered in the command).

 Identify Malicious Content and Clean

Malicious content can be identified by using a plugin that can scan the website and finds out the malicious issue. One such plugin that comes handy in such situations is Wordfence plugin, which is a great snit-malware solution. Once the said plugin is installed and it shows in Wordpress admin panel’s left hand side bar, press scan. If any issue is found and highlighted, “next step” suggestion is shown for consequent action and repair. In case nothing is found, you can also try, Sucuri that specializes in malware detection.

You can also ask the managed Wordpress hosting service provider for updated back-up, just before the hacking attack took place. This back-up is free from any malicious content and can be uploaded for malware free content.

Reactivating Your Website

Once, the site is cleaned, you have to go to the .htaccess file and reactivate it.

You can protect your site from any future hacking attack by keeping all the plugins as well as Wordpress updated all the time.