Your website's been hacked. Your heart's racing. Your customers might be seeing warnings or weird content. We get it - this is every business owner's nightmare.
But here's the thing: most website hacks are fixable. You're not the first business this has happened to, and you won't be the last. Let's walk through exactly what to do, step by step.
Step 1: Don't Panic (But Act Fast)
Take a breath. Then get moving. The faster you respond, the less damage you'll face.
Immediate actions:
- Change ALL passwords (hosting, WordPress admin, FTP, email)
- Contact your web hosting provider
- Take screenshots of any malicious content for evidence
- Check if Google has flagged your site (search "site:yourwebsite.co.uk")
Don't try to "fix" anything yet. You might make things worse or destroy evidence of how the hack happened.
Step 2: Assess the Damage
Figure out what you're dealing with. Common signs include:
- Weird pop-ups or redirects
- Content you didn't add
- Google warning users about your site
- Suspicious admin users in WordPress
- Slow loading or site crashes
- Spam emails being sent from your domain
Use our free website audit tool to check for obvious security issues. It won't catch everything, but it's a good starting point.
Step 3: Isolate and Secure
Put your site in maintenance mode if possible. This prevents visitors from seeing compromised content while you clean up.
Change every password:
- Hosting account
- WordPress admin (all users)
- FTP/SFTP access
- Email accounts
- Any connected services
Use strong, unique passwords. This isn't the time for "password123".
Step 4: Clean House
DIY Cleaning (Basic Hacks Only)
If you're comfortable with websites and it's a simple hack, you might tackle this yourself:
- Scan everything. Use security plugins like Wordfence or Sucuri
- Remove malicious files. Delete anything you don't recognise
- Check user accounts. Remove suspicious admin users
- Update everything. WordPress core, themes, plugins - everything
- Review file permissions. Make sure they're not too open
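A read-only way to run the "scan" and "review file permissions" checks before deleting anything, as an added example (not from the original article or any plugin named above). It assumes "too open" means world-writable, treats PHP files under wp-content/uploads as out of place because that directory normally holds media, and uses an assumed 7-day window for recently changed PHP; the sample site tree is constructed.

```python
import os, stat, tempfile, time

PHP_EXT = (".php", ".phtml", ".phar")

def triage(root, recent_days=7, now=None):
    """Read-only walk of a site directory; reports findings, deletes nothing."""
    cutoff = (time.time() if now is None else now) - recent_days * 86400
    found = {"world_writable": [], "php_in_uploads": [], "recent_php": []}
    uploads = os.path.join("wp-content", "uploads") + os.sep
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits say nothing useful
            if st.st_mode & stat.S_IWOTH:
                found["world_writable"].append(rel)  # e.g. mode 666 or 777
            if stat.S_ISREG(st.st_mode) and name.lower().endswith(PHP_EXT):
                if rel.startswith(uploads):
                    found["php_in_uploads"].append(rel)  # media dir, not code
                if st.st_mtime >= cutoff:
                    found["recent_php"].append(rel)
    return {k: sorted(v) for k, v in found.items()}

def demo():
    """Build a small constructed site tree and triage it."""
    with tempfile.TemporaryDirectory() as root:
        old = time.time() - 90 * 86400
        files = {  # relative path -> (mode, is_old); all constructed
            "index.php": (0o644, True),
            "wp-config.php": (0o666, True),                       # too open
            "wp-content/uploads/2024/logo.png": (0o644, True),
            "wp-content/uploads/2024/cache.php": (0o644, False),  # out of place
        }
        for rel, (mode, is_old) in files.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.chmod(path, mode)
            if is_old:
                os.utime(path, (old, old))
        return triage(root)

if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Run `triage()` against a copy of the site or the live document root and keep the output with your screenshots; a hit is something to examine, not proof of malware.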
When to Call Professionals
Some hacks are beyond DIY fixes. Call experts if any of these apply:
- Database compromises
- Server-level infections
- Complex malware that keeps coming back
- You're not confident about what you're doing
Your time is valuable. Sometimes paying for professional cleanup is cheaper than losing days of revenue.
Step 5: Restore from Backup (If You Have One)
Got recent, clean backups? You're in luck. This is often the fastest path to recovery.
Before restoring:
- Make sure your backup is from before the hack
- Update WordPress and plugins first
- Change all passwords
- Scan the backup files if possible
No backups? This is why we bang on about website maintenance packages. They include automated backups that could save your business.
Step 6: Remove Search Engine Warnings
Google might be warning users about your site. Once you've cleaned everything:
- Request a review in Google Search Console
- Check other browsers - they have their own blacklists
- Be patient - it can take days for warnings to disappear
Step 7: Prevent Future Attacks
Essential Security Measures
Keep everything updated. Old WordPress versions are hacker magnets. Set up automatic updates for core files and regularly update plugins.
Use strong passwords and two-factor authentication. Make it harder for attackers to get in.
Install a security plugin. Wordfence, Sucuri, or similar tools add extra protection.
Regular backups. Automated daily backups mean you can quickly recover from any attack.
Choose secure hosting. Good hosts monitor for malware and provide security features. We use Krystal hosting because they take security seriously.
Advanced Protection
Web Application Firewall (WAF). Blocks malicious traffic before it reaches your site.
SSL certificates. Encrypt data between your site and visitors. Essential for any business site.
Regular security audits. Professional security reviews catch vulnerabilities before hackers do.
File integrity monitoring. Alerts you when core files change unexpectedly.
DIY vs Professional Help
You Can Handle It If:
- It's a simple defacement or spam injection
- You're comfortable with WordPress admin
- You have recent, clean backups
- The hack seems contained to content areas
Call Professionals When:
- Your database is compromised
- Malware keeps coming back
- You're seeing server-level issues
- Your site handles sensitive data (payments, personal info)
- You can't afford extended downtime
Website Security Checklist
- [ ] All passwords changed
- [ ] Security plugin installed and configured
- [ ] WordPress core, themes, and plugins updated
- [ ] Unnecessary plugins and themes deleted
- [ ] User accounts reviewed (remove old/suspicious ones)
- [ ] File permissions checked
- [ ] SSL certificate installed
- [ ] Regular backup system in place
- [ ] Hosting security features enabled
- [ ] Google Search Console monitoring set up
Frequently Asked Questions
How did my website get hacked? Common entry points include outdated WordPress installations, weak passwords, vulnerable plugins, and compromised hosting accounts. Sometimes it's as simple as using "admin" as your username.
Will my customers' data be safe? This depends on what data was accessed and how it was stored. If you collect payments or personal information, you might need to notify customers and relevant authorities. GDPR has specific requirements for data breaches.
How much does professional cleanup cost? Typically £150-£500 for basic cleanup, more for complex attacks. Compare this to lost revenue from a compromised site, and professional help often pays for itself.
How can I prevent this happening again? Regular updates, strong passwords, security plugins, and reliable hosting are your best defences. Consider a maintenance package that handles security monitoring and updates automatically.
Should I pay the ransom if it's ransomware? Never. There's no guarantee hackers will restore your site, and you're funding criminal activity. Focus on cleaning up and restoring from backups instead.
Getting Back to Business
A hacked website feels like a disaster, but it's recoverable. Most businesses bounce back quickly with the right response.
The key is acting fast, securing everything, and putting proper protections in place for the future. Your customers will forgive a security incident if you handle it professionally and transparently.
Need help recovering from a hack or want to beef up your website security? Get in touch - we've helped dozens of Welsh businesses recover from attacks and implement bulletproof security measures.
Remember: the best time to think about security was yesterday. The second-best time is right now.