It's also important to change your password and admin username if someone helps you and needs your password and admin username to login to perform the job. After all the work is complete, IMMEDIATELY change your password and admin username. Someone in their business may not be, if the person is trustworthy. Better to be safe than sorry!
It helped me although my first step is. I had a fantastic old style pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me.) And then I did what I should have done before I started my website. And here is where I want you to start. Learn hacked. The attractive thing about fix hacked wordpress site and why so many people recommend because it is easy to learn it is. That is also a detriment to the health of our websites. We need to learn how to add a security fence.
The one I recommend, and the stronger approach, is to use one of the password generation and storage plugins available on your browser. I believe after a trial period, you need to pay for it, although RoboForm is liked by people. I use the free version of Lastpass, and I recommend it for those of you who use Internet Explorer or Firefox. That will generate secure passwords for you; you visit site then use one master password to discover this info here log in.
Move your wp-config.php file one directory up from the WordPress root. WordPress will search for it there if it cannot be found in the main directory. Additionally, nobody else will be able to read the file unless they have FTP or SSH access.
Make a note of your new password for the next time you sign in! I recommend the version of the software that is secure look at this site *Roboform* to remember your passwords.
The plugin should be regularly updated have WordPress, play nice and to stay current with the latest WordPress release and restore capabilities. The ability to clone your site (along with regular copies ) can be useful if you ever need to do an offline site redesign, among other things.