If you enjoyed this video don't forget to the like it and subscribe! Then check out this playlist about WordPress security: kzbin.info/www/bejne/mInRdZSOi9l1ga8

Brother, this video showed me the way! I had to repair a hacked site from a client who came to me with a hacked site. Almost didn't want to take this project on. Tons of outdated plugins. But, your video was very clear and helped me tame this monster!

I'm a web designer not dev and I'm always wary of diving into the back end stuff but this was so simple and helped me clean up my client's site without having to pay someone to do it for me. It was such a good tutorial. Thank you

You totally helped me save 3 websites that got hacked. I reinstalled the wordpress files and brought my sites back to life. I then checked elementor files by comparing it a downloaded version and found the files they hacked. Thanks alot! Great tutorial!

The clearest tutorial I've ever seen. direct on point. Thanks, man.

I am really amazed after watch the video and now I got a fair idea regarding malware clearing. Thank you so much Sir

I am shocked that after a long battle I came across this video. I was surprised it was so simple. I tried cleaning the files myself, it kept overwriting my htaccess file and making copies in every folder. I even tried deleting all htaccess files via SSH and cleaning PHP files. Thank you for this video, very effective!

You’re my hero ! I had the same scam happening to me with my wordpress site being hosted on Bluehost and being hacked. I contacted bluehost via chat but directly ended up at siteVault and was asked to pay a whopping 700$ annual fee to fix the problem. Luckily I didn’t go into it and started googeling the problem and ended up with your youtube tutorials ! I managed to fix the problem all by myself and the hacker is no longer present (for the moment). But the fact that restoring the site when backed up is ‘farely’ easy is reassuring enough to me. Thank you once again and continue the good work ! Greetz.

Out of the 10hours of videos I watched online, this quick 20min video saved me days and days of fixing my site, thank you thank you thank you

HI.. HELP PLEASE :) Im trying right now to fix a website. IN my public html folder I only had one suspicious file (the google thing which makes you the owner) there was two of them, and I deleted the suspect., also from the google search console. I don't have a quarantine after the public HTML, but after the TMP folder...... Is that hacked? Should I proceed with the fix in the video? Thanks in advance.

Thank you! Thank you! THANK YOU! This helped me to fix a site I'm working on without paying someone else to fix it. Cannot thank you enough!

You videos are great! I have learned tons from them! Thank you for making them

Hi, I followed all of what you said to do and it works. But the thing is with mines it's just words, frames of the webpage but no pictures. Can you tell me what I've done wrong or should I walk back through the step?

Much appreciated sir! you successfully tough me how to recover my website! fantastic job!

This was a great video. I’ve learned so much watching how you repaired and recovered that site.

Very well explained 👍👍 Thanks for sharing this video. Hope this video will help me to find out the solution to my hacked websites

God Bless you safe my Sites, after i have Watch dozens of Videos only yours was help to me

You are a genius, you taught me how to solve my problem! Great video, totally recommended.

nice videos sir btw is it still worked in 2022 or so on ? just curious if some days I would get the same problem.

Hi, I'm new here and I was just wondering would you recommend wordfence for securing sites as I have been facing a lot of hacks lately and it is happening like time after time, over and over for the last 2 months. I already did some clean up and of course have the site back up, I even keep a clean file just to make sure if it happens again. Any type of help would be gladly appreciated. thanks for creating this video by the way.

Thank you for the details video. It didn't resolve issue with hacked website, but i know what to do if I will have similar issue as in the video

Personally i did a back restore to the day before the error happened and it's all good now. I used updraft and I do backups for preventing these issues

Best video on WP ever. Thank you a million

I don't have a folder quarantined underneath the public html file. But I am getting rerouted

Does this work vica versa different wordpress versions. I have no website to try with yet... You are good my man with WP!!

what if there's no quarantine folder under public_html?

Hi I have a question for this Video in my File Manager I only have this folder "quarantine_clamavconnector" but inside I only have old websites that I haven't used in years. It doesn't contain any of the directories for my current sites. I manually backup my wordpress website manually every week or so just as a precaution but I was just wondering why the quarantine directory doesn't have my current sites. Could it be because of my Provider? If thats the case then the same thing could happen to other people depending on their providers. Hit me back.

Very good video!! do you think is better to download all the files and work locally on my computer? Or in case I work online, how can I do to set a page that says "working to improve the website" for all the users that visit the website while we are cleaning it? THANKS!

I have a strange file called ".htaccess-". There is a dash after .htaccess. Does that look fishy?

Hi, lots of love from India... I have a question, please try answering it.... Actually my site was working properly but every day or other I got the warning about "files changed" and also about feed.php error. I followed what you have told in this video, I deleted feed.php file, but my site stopped working right after it... I do not understand why it stopped working.... Can you please suggest some possible reasons and actions to be taken on my part. Thank you in advance.

What a Great Great Tutorial. :)

I'm not sure if my Facebook was hacked or not. But I get a log in sheet every time I try to go into another program. If I click on it without putting my data into it; it gives me an error message and I'm worried that my phone was hacked. It's a real nuisance. If you have any idea what this is I would love to hear from you.

hi thank you. maybe you can help. what if the domain is migrated elsewhere and not in the hosted file manager. when i open their file manager in the original host i cant even find the content files. im not yet sure they have been backed up but they have been on go daddy for 5 years its go to be somewhere

Hey buddy thanks a lot for this great tutorial (: What I'm wondering is why you don't scan the database for malicious code - or is that irrelevant since malicious code cannot be executed from a SQL database in Wordpress?

Hi, thank you for making this video, really helfpul! Unfortunately it doesn't work on me. I think that my site is hacked to redirect people to go to malicious sites. Can you tell me which one of your video that will work on my problem? Thank you for tour attention

Bjorn, thanks a lot for the guidance. After cleaning infected core files I still have an issue with a plug-in called Slider Revolution. Could you very briefly explain the process to replace the plug-in with a clean version? (I've got to do it over cpanel because I don't have access to wp panel yet. I guess I'll be able to access as soon as I fix that last issue)

Thank you so much, that worked perfectly and it was very straightforward!!!

I think I am going to start backing up my files more often lol. Learned a lot though, thanks! If you run into a roadblock for coming up with new video ideas, I think you could get some good mileage out of basic programming videos so that people recognize gibberish versus normal programming. I know just enough to understand what you were saying in the video but would have been lost completely if I hadn't studied programming the tiny bit that I have lol.

How do you do this on a Wordpress.com, where you don’t have access to a cpanel?

Thanks, Man. In my case, the files in wp-content were also affected. One plugin & index.php of my theme was also affected. The hacker had injected some sort of code in it. I replaced both of them with original files & boom. The site started running well & scans are now clean.

So my index.php and .ftaccess were both hit, but they changed the permission to 0444 and I can not change it, delete it, replace it, nothing. What to do in this case? I'm logged in as the root user so I have absolute control.

Great buddy! This video saved us a lot of losses. Thank you so much, Buddy. Relly helpful video.

Great video but the potential issue of the database being injected with a script is not addressed. It could be extremely simple for the same hackers to get back in if the database is not reviewed also. Will you do a video on this perhaps?

Hello there, Facing some major issues on the sites as some malware files are getting injected wp-vcd.php("you might know"). Tried to remove every one of it still, the problem occurs after some duration. Too many redirections, scam popups are occurring on the site. Don't know what to do.

Thank you so much for this help. I was hacked and thought that I would never manage to clean my website. But thanks to you it works know perfectly again. I will know watch the one to secure wordpress ;-)

Excellent thank you

This is just for Pros Thanks !!!

my site is back, all the content are there, but the theme is not there? could you plz tell me how to recover my theme through FTP Server, wp-content-theme? there are several themes in this folder, i don't even know which one is the one i used, i only used one theme, i don't know why there are 10 theme? thank you

Thanks, Bro it helps me so much. Many Many thanks

Heya...My WP Site Front end is working good.But backend dasboard gets open..but goes to page not found.htaccess and index file is changing time and agin..Please help

Very good video tutorial! it really worked! thank you for sharing it.

You saved my life. Thank you

Thank you a lot! I followed all steps (most of them I already knew, but all together in one place is very nice), but I did not find anything. I have some linux processes running, but when I try to kill them they say the process does not exist. I am suspecting of a hosting with dirty hands.

I usually dont write much comments but I sincerely have to do this. I have a client website that I manage, but the website is hardly in use, hence I usually dont go there to update plugins. Matter of fact I had only 3 active plugins, wordfence, updraft and contact 7 forms. I felt I was save with just these three. Alas, I was very wrong. I realized recently that the website had been hacked. all pages including login to admin page just foces a strange page that displays some grundig TV's for sale. I had tried so many things, including contacting my webhost for help. My webhost pretty much told me I was on my own since the backups they have already contained the malware. My backups on updraft too seemed infected. I was on the matter for about 1 week and I was just about to give up and inform the client of the bad news, that we had lost the site. Until I saw this video, and it worked like a charm. Thank you very much for saving me so much embarrasment. I did a check on the database and I removed what seems like the injected code there. There was an admin profile added plus some other user metadata. I sincerely hope I have been able to remove all the hack traces since I checked table by table. Thank you again, apolgies for the long write up, I just had to appreciate your good effort and probably be of help to anyone going through similar circumstances. I have updated the few plugins,, hopefully this wouldnt happen again

lovely. I took every note. tnx.

Do you know how to figure out redirection link which is automatically redirect users on another suspicious website?

hello , my site is hacked and when i access the file manager i can't find the public file that has wp-admin , wp-content ...etc. and i have some file called : .bash_login , .bash_logout what is that ??

What if there is no quarantine under HTML, is there another way that you can go about it?

Thank you so much

Great Help, clearing out the files and restoring did it

Thank you so much!!! Great video

You saved my day Boss

Great tutorial! My blog was a victim of Japanese SEO spam. I'm going to erase the malicious files I suspect are causing this. Wish me luck!

thank you, this was very useful

Great video my brotha! Thank you very much! Very helpful!

You are the best, it has worked

8:36 Did you mistakenly delete the backup quarantined-bkp.zip file?

is this also working with siteground hosting please let me know

What theme is that? Did it come with a menu login

Very helpful !! Thank you

Hi! We're facing this problem but on our subdomains, while the primary domain returned a 404, we reverted our php back to 7.3 and now the primary domain site is already accessible but our subdomain is still having the index of errors but no list of files are reflected only the index of/ error, the name, description, size and last modified. Do you think it is still applicable to this ?

thanks for the videoi was hoping to use a plugin or something to point the malicious files, which are infected. i know you are doing the virus through your own experience with the files. Even so, when you are done with removing the ones you know, still some malwares may not have been removed

Thanks a tonne. Your video worked in principle for me. However, the malware also edited my database entries. So I had to manually restore them from PHPMyAdmin. Any idea how to secure such an attack in future??

In my case, the virus is in wp-content and am just building the site with no backup yet. What will I do?

Great video, thanks!

I have a wordpress site thats redirecting. Nothing in DNS and cannot get into wp-admin.

I´m sorry by asking. I need to replace the index.php file. I down loaded a clean file form wordpress, and I have zip the single fine and up loaded to file manager y ipage. Now, I don't know how to unzipped it. can you help me! thanks

thanks man, you saved my life :)

Thank you, worked perfectly!

Can this be done with a smartphone please? If yes , how?

WOW!! Thanks a ton man!! Really helpful :)

website saved, thank you

Any tut of how to clean database garbage manually? Thx

This is a very great video. Thank you

This is amazing thank you so much!

this guy is the best !!!!

thank you for the nice video, my friend's website is hacked, fix applied(sucuri) , after that the wordpress site is coming with home page and no menu bar.Just seeing static content (images). Any help is appreciated.

used all 5 solutions, still couldn't got solution. can you please help me.

Hi Bjorn, Is it normal for a wordpress site to have multiple .htaccess files, espcially if the alternate file names are ".htaccessnowayjose", ".htaccess.bak" and ".htaccess-1540216526"? Also, any suggestions on what to do when your error log file reaches 60MB? Could this cause loading delays? Can the contents be deleted?

Thank you, helped me big time!

A big thumbs up to you!!

excellent video

you saved me thank you .... love u

Thank you, this saved me.

I have a problem called admin_sweet and I don't know how to solve it. Please advise

Great Video! Thank You for making it!

Sir on Google my site title and description has changed and I'm facing some annoying popup . Can you tell how can I remove adware ?

These parasite-like beings who hack your site first and ask for money. I almost paid SiteLock freaking 400 dollars. Seriously disgusted. Thank you for this tutorial.

what if phpmyadmin compromised?

Recommend an affordable hosting