Since Wordpress is a very vulnerable resource for dependency, you need to follow these guidelines for securing your website from further attacks:
1. Probably your admin username and mail ID has been modified. In this case, first change your username and email-id from the database so that the password could be reset from wordpress back-end.
2. Delete any suspicious file or folder in your website
3. It is important to have the secret key defined or changed in wp-config.php, you will want to change the value in it because hackers will know what it is. The same can be generated from this link https://api.wordpress.org/secret-key/1.1/salt/
4. Update your Wordpress and its plugins
5. Reset your cpanel and database passwords for that account
6. Install a WP security plugin, we recommend 'All in one WP Security and Firewall' http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/ and make sure your website is secure in all aspects.
- Email, SSL
- 52 Users Found This Useful