{"id":2697,"date":"2025-10-08T19:05:40","date_gmt":"2025-10-08T23:05:40","guid":{"rendered":"https:\/\/cassiopea.ca\/blogue\/uncategorized\/what-to-do-if-your-wordpress-site-is-hacked-and-you-dont-have-a-reliable-backup\/"},"modified":"2025-10-08T19:06:20","modified_gmt":"2025-10-08T23:06:20","slug":"what-to-do-if-your-wordpress-site-is-hacked-and-you-dont-have-a-reliable-backup","status":"publish","type":"post","link":"https:\/\/cassiopea.ca\/en\/blogue\/web-design-en\/what-to-do-if-your-wordpress-site-is-hacked-and-you-dont-have-a-reliable-backup\/","title":{"rendered":"What to Do if your WordPress Site is Hacked (and You Don&#8217;t Have a Reliable Backup)?"},"content":{"rendered":"\n<p>Finding yourself with a compromised WordPress site and no restorable backup is a stressful situation \u2014 but not all is lost. With quick, methodical, and precise actions, it&#8217;s possible to clean the installation, restore the site&#8217;s integrity, and implement future defenses. <\/p>\n\n<p>This article guides you step-by-step with <strong>5 key reflexes<\/strong>, each detailed with its rationale, precautions to take, and associated best practices.<\/p>\n\n<div class=\"wp-block-rank-math-toc-block\" id=\"rank-math-toc\"><h2>Contents<\/h2><nav><ul><li class=\"\"><a href=\"#1-installer-un-plugin-de-securite-lancer-un-scan-en-profondeur\">1. Install a security plugin \/ run a deep scan<\/a><ul><li class=\"\"><a href=\"#pourquoi-cette-etape-est-cruciale\">Why this step is crucial<\/a><\/li><li class=\"\"><a href=\"#conseils-precautions\">Tips &amp; precautions<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#2-identifier-les-fichiers-suspects-corrompus-ou-modifies\">2. Identify suspicious, corrupted, or modified files<\/a><ul><li class=\"\"><a href=\"#que-rechercher\">What to look for?<\/a><\/li><li class=\"\"><a href=\"#methode-recommandee\">Recommended method<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#3-reinstaller-les-fichiers-word-press-themes-et-plugins-securises\">3. Reinstall secure WordPress files, themes, and plugins<\/a><ul><li class=\"\"><a href=\"#objectif\">Objective<\/a><\/li><li class=\"\"><a href=\"#etapes-a-suivre\">Steps to follow<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#4-changer-tous-les-mots-de-passe-verrouiller-les-acces\">4. Change all passwords &amp; lock access<\/a><ul><li class=\"\"><a href=\"#pourquoi\">Why?<\/a><\/li><li class=\"\"><a href=\"#comptes-a-modifier\">Accounts to modify<\/a><\/li><li class=\"\"><a href=\"#bonnes-pratiques\">Best practices<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#5-mettre-en-place-une-strategie-de-sauvegarde-plan-de-restauration\">5. Implement a backup strategy + restoration plan<\/a><ul><li class=\"\"><a href=\"#limportance-de-cette-etape\">The importance of this step<\/a><\/li><li class=\"\"><a href=\"#ce-que-doit-contenir-une-sauvegarde-complete\">What a complete backup should contain<\/a><\/li><li class=\"\"><a href=\"#solutions-outils-de-sauvegarde\">Backup solutions &amp; tools<\/a><\/li><li class=\"\"><a href=\"#plan-de-restauration\">Restoration plan<\/a><\/li><\/ul><\/li><li class=\"\"><a href=\"#etapes-complementaires-apres-nettoyage\">Additional steps &amp; post-cleanup<\/a><\/li><li class=\"\"><a href=\"#recapitulatif\">Summary:<\/a><\/li><li class=\"\"><a href=\"#sources\">Sources<\/a><\/li><\/ul><\/nav><\/div>\n\n<h2 class=\"wp-block-heading\" id=\"1-installer-un-plugin-de-securite-lancer-un-scan-en-profondeur\">1. Install a security plugin \/ run a deep scan<\/h2>\n\n<h3 class=\"wp-block-heading\" id=\"pourquoi-cette-etape-est-cruciale\">Why this Step is Crucial<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>Even if the site is compromised, a plugin like <strong>Wordfence<\/strong> (or Sucuri, MalCare, iThemes Security) can help automatically detect infected files, suspicious modifications, malware signatures, or backdoors.<\/li>\n\n\n\n<li>This gives you a global view of visible infections and serves as a starting point for cleanup.<br\/>Wordfence offers a highly sensitive scan option and can indicate compromising files.<g id=\"gid_0\"> wordfence.com<br\/><\/g><\/li>\n<\/ul>\n\n<h3 class=\"wp-block-heading\" id=\"conseils-precautions\">Tips  Precautions<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>First, install the plugin, but <strong>avoid jumping to conclusions<\/strong>: some results may be false positives or legitimate custom code.<br\/>Activate alerts and schedule regular scans (daily or weekly).<\/li>\n\n\n\n<li>If the plugin offers a &#8220;hard mode&#8221; or &#8220;deep scan,&#8221; prioritize it to detect hidden files.<\/li>\n<\/ul>\n\n<p>In addition, you can use other (external) scanners or services (e.g., Sucuri) to cross-reference results.<\/p>\n\n<h2 class=\"wp-block-heading\" id=\"2-identifier-les-fichiers-suspects-corrompus-ou-modifies\">2. Identify suspicious, corrupted, or modified files<\/h2>\n\n<h3 class=\"wp-block-heading\" id=\"que-rechercher\">What to Look for?<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>Files not found in a standard WordPress installation (core, themes, plugins).<\/li>\n\n\n\n<li>Suspicious code: eval(), base64_decode(), injected iframes, files with unusual or randomly generated names.<\/li>\n\n\n\n<li>Backdoor files: seemingly harmless scripts used to maintain hidden access.<\/li>\n\n\n\n<li>Recently modified files \u2014 compare modification dates with a clean version.<\/li>\n\n\n\n<li>Server logs (access logs, error logs) to detect unusual patterns or suspicious requests.<\/li>\n\n\n\n<li>In the database: check wp_options, wp_posts, etc., tables for injected scripts.<\/li>\n\n\n\n<li>Suspicious user accounts in the WordPress admin (new unauthorized administrators).<br\/><\/li>\n<\/ul>\n\n<h3 class=\"wp-block-heading\" id=\"methode-recommandee\">Recommended Method<\/h3>\n\n<ol class=\"wp-block-list\">\n<li>Download a clean version of WordPress (same version) from <a href=\"http:\/\/wordpress.org\" target=\"_blank\" rel=\"noreferrer noopener\">wordpress.org<\/a>.<\/li>\n\n\n\n<li>Compare core files (excluding the wp-content folder) with the originals; replace compromised versions.<\/li>\n\n\n\n<li>Do the same with themes\/plugins: reinstall official versions from official publishers.<\/li>\n\n\n\n<li>For custom content (child theme, CSS, media): inject them after manual verification.<\/li>\n\n\n\n<li>If a modified file is legitimate but suspicious, isolate it and analyze it line by line.<\/li>\n<\/ol>\n\n<p>This replacement\/verification approach is recommended in WordPress cleanup guides.<\/p>\n\n<h2 class=\"wp-block-heading\" id=\"3-reinstaller-les-fichiers-word-press-themes-et-plugins-securises\">3. Reinstall secure WordPress files, themes, and plugins<\/h2>\n\n<h3 class=\"wp-block-heading\" id=\"objectif\">Objective<\/h3>\n\n<p>Only keep as &#8220;live&#8221; the code you know is safe. Anything that could be compromised must be replaced with a healthy version. <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"etapes-a-suivre\">Steps to Follow<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>Download the WordPress version corresponding to your installation (same core version) from wordpress.org and extract the files.<\/li>\n\n\n\n<li>Replace core files (except wp-content and wp-config.php) with the official versions.<\/li>\n\n\n\n<li>Delete unused, outdated, or hacked themes\/plugins. Install remaining themes\/plugins from official sources (WP directory, publishers). <\/li>\n\n\n\n<li>Clean up \/ recreate wp-config.php if necessary \u2014 check security keys, settings, file permissions.<\/li>\n\n\n\n<li>Check file\/folder permissions (e.g., 644 for files, 755 for folders) to limit abusive access.<\/li>\n\n\n\n<li>If your host or server allows isolation (sandbox mode, new folder), consider installing a clean version in a new directory and gradually transferring the cleaned content.<br\/><\/li>\n<\/ul>\n\n<h2 class=\"wp-block-heading\" id=\"4-changer-tous-les-mots-de-passe-verrouiller-les-acces\">4. Change all passwords  lock access<\/h2>\n\n<h3 class=\"wp-block-heading\" id=\"pourquoi\"><strong>why<\/strong><strong>?<\/strong><\/h3>\n\n<p>Once a site is compromised, it must be assumed that the attacker may have access keys (FTP, admin, database, etc.). Therefore, all &#8220;doors&#8221; must be closed. <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"comptes-a-modifier\">Accounts to Modify<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>All WordPress accounts with rights (administrators, editors, etc.).<\/li>\n\n\n\n<li>The database user (MySQL\/MariaDB) \u2014 update wp-config.php if changed.<\/li>\n\n\n\n<li>FTP \/ SFTP \/ SSH access.<\/li>\n\n\n\n<li>Hosting account \/ cPanel \/ server panel.<\/li>\n\n\n\n<li>Emails associated with the site or admin accounts.<\/li>\n\n\n\n<li>Revoke or change API keys, external tokens, or third-party access (plugins, external services).<br\/><\/li>\n<\/ul>\n\n<h3 class=\"wp-block-heading\" id=\"bonnes-pratiques\">Best practices<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>Use strong passwords: long, mix of letters \/ numbers \/ special characters.<br\/><\/li>\n\n\n\n<li>Enable <strong>two-factor authentication (2FA \/ MFA)<\/strong> for all critical accounts.<\/li>\n\n\n\n<li>Limit user roles (do not assign administrator rights unnecessarily).<\/li>\n\n\n\n<li>Delete inactive or suspicious accounts.<\/li>\n\n\n\n<li>If possible, restrict WordPress admin access via IP whitelist or firewall (WAF).<br\/><\/li>\n<\/ul>\n\n<p>Jetpack notably recommends changing passwords, enabling 2FA, and auditing accounts after an intrusion.<\/p>\n\n<h2 class=\"wp-block-heading\" id=\"5-mettre-en-place-une-strategie-de-sauvegarde-plan-de-restauration\">5. Implement a backup strategy + restoration plan<\/h2>\n\n<h3 class=\"wp-block-heading\" id=\"limportance-de-cette-etape\">The Importance of this Step<\/h3>\n\n<p>Without a backup, any new attack or error could lead to irreversible loss. Backup is your safety net. <\/p>\n\n<h3 class=\"wp-block-heading\" id=\"ce-que-doit-contenir-une-sauvegarde-complete\">What a Complete Backup should Contain<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>All WordPress files (core, themes, plugins, media)<\/li>\n\n\n\n<li>The entire wp-content folder<\/li>\n\n\n\n<li>The database (tables, content, options)<\/li>\n\n\n\n<li>Sometimes server configuration files depending on hosting (e.g., .htaccess, nginx.conf)<br\/><\/li>\n<\/ul>\n\n<p>WordPress.org recommends backing up both files and the database.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"solutions-outils-de-sauvegarde\">Backup Solutions  Tools<\/h3>\n\n<ul class=\"wp-block-list\">\n<li>Reliable plugins: UpdraftPlus, BackupBuddy, Jetpack (Backups), Duplicator, etc.<a href=\"https:\/\/www.wpbeginner.com\/beginners-guide\/how-to-backup-your-wordpress-site\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noreferrer noopener\"> <\/a><\/li>\n\n\n\n<li>Off-server storage: cloud (Google Drive, Amazon S3, Dropbox), external server, local storage.<\/li>\n\n\n\n<li>Regular automatic backups (daily or depending on activity) + ad-hoc backups before major updates.<\/li>\n\n\n\n<li>Regular restoration testing (in a test environment) to ensure backups are working.<\/li>\n\n\n\n<li>Keep multiple backup versions (history) to be able to go back far if necessary.<br\/><\/li>\n<\/ul>\n\n<p>According to Jetpack: &#8220;You need to perform regular backups, run scans, update your site, etc.&#8221;<a href=\"https:\/\/jetpack.com\/resources\/wordpress-security-tips-and-best-practices\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"> Jetpack<br\/> And the Developer Handbook recommends regular snapshots stored in a trusted location.<\/a><a href=\"https:\/\/developer.wordpress.org\/advanced-administration\/security\/hardening\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\"> WordPress Developer Resources<\/a><\/p>\n\n<h3 class=\"wp-block-heading\" id=\"plan-de-restauration\"><strong>Restoration Plan<\/strong><\/h3>\n\n<ul class=\"wp-block-list\">\n<li>In case of a new compromise, identify the last clean backup.<\/li>\n\n\n\n<li>Restore files and the database from that backup.<\/li>\n\n\n\n<li>After restoration, apply security actions (steps 1 to 4) to &#8220;harden&#8221; the site.<\/li>\n\n\n\n<li>Document the restoration process to save time if it happens again.<br\/><\/li>\n<\/ul>\n\n<h2 class=\"wp-block-heading\" id=\"etapes-complementaires-apres-nettoyage\">Additional Steps  Post-Cleanup<\/h2>\n\n<ul class=\"wp-block-list\">\n<li><strong>Contact the host \/ provider<\/strong>: they can help you isolate the attack, clean server-side files, or provide untapped logs.<\/li>\n\n\n\n<li><strong>Check if the site is blacklisted<\/strong> (Google Safe Browsing, antivirus, search engines). If so, request a re-evaluation via Google Search Console after cleanup. <\/li>\n\n\n\n<li><strong>Monitor logs and activity<\/strong> for several days post-cleanup to detect any re-injection attempts.<\/li>\n\n\n\n<li><strong>Train users\/administrators<\/strong>: best practices (do not install pirated themes\/plugins, limit rights, do not browse as admin, etc.).<\/li>\n\n\n\n<li><strong>Deactivate \/ delete unnecessary components<\/strong>: unused themes, deactivated plugins \u2014 even when deactivated, they can be vulnerable.<\/li>\n\n\n\n<li><strong>Harden the WordPress installation<\/strong>: disable file editing via the dashboard, limit login attempts, disable XML-RPC if unused, etc.<\/li>\n\n\n\n<li><strong>Install an application firewall (WAF)<\/strong> or activate your security plugin&#8217;s firewall to block malicious attempts before they reach WordPress.<\/li>\n<\/ul>\n\n<p><\/p>\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>Step<\/strong><\/td><td><strong>Main Action<\/strong><\/td><td><strong>Objective<\/strong><\/td><\/tr><tr><td>1<\/td><td>Install security plugin  run a scan<\/td><td>Identify visible infections<\/td><\/tr><tr><td>2<\/td><td>Identify and isolate suspicious files<\/td><td>Detect backdoors and malicious code<\/td><\/tr><tr><td>3<\/td><td>Reinstall clean core \/ themes \/ plugins<\/td><td>Only keep &#8220;reliable&#8221; code<\/td><\/tr><tr><td>4<\/td><td>Change all passwords  lock access<\/td><td>Prevent any new intrusion<\/td><\/tr><tr><td>5<\/td><td>Implement backup + restoration plan<\/td><td>Protect against future losses<\/td><\/tr><\/tbody><\/table><\/figure>\n\n<h2 class=\"wp-block-heading\" id=\"recapitulatif\">Summary:<\/h2>\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"683\" height=\"1024\" src=\"https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Plan-action-piratage-WordPress-683x1024.jpg\" alt=\"WordPress hacking action plan\" class=\"wp-image-2693\" srcset=\"https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Plan-action-piratage-WordPress-683x1024.jpg 683w, https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Plan-action-piratage-WordPress-200x300.jpg 200w, https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Plan-action-piratage-WordPress-768x1152.jpg 768w, https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Plan-action-piratage-WordPress-500x750.jpg 500w, https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Plan-action-piratage-WordPress-800x1200.jpg 800w, https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Plan-action-piratage-WordPress.jpg 1024w\" sizes=\"auto, (max-width: 683px) 100vw, 683px\" \/><\/figure>\n\n<ol class=\"wp-block-list\">\n<li>Run a highly sensitive security scan.<\/li>\n\n\n\n<li>Identify and isolate all suspicious files.<\/li>\n\n\n\n<li>Reinstall reliable WordPress components.<\/li>\n\n\n\n<li>Change all access and harden accounts.<\/li>\n\n\n\n<li>Establish a solid and tested backup strategy.<br\/><\/li>\n<\/ol>\n\n<p>Without a clean backup, each step is even more critical as you have to rebuild security &#8220;by hand.&#8221; <br\/>But if you follow these steps methodically, you can hope to restore a clean site and start on a resilient foundation.<\/p>\n\n<h2 class=\"wp-block-heading\" id=\"sources\">Sources <\/h2>\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/blog.sucuri.net\/2024\/09\/7-steps-to-remove-malware-from-wordpress.html\" target=\"_blank\" rel=\"noreferrer noopener\">Sucuri Blog<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/jetpack.com\/support\/scan\/how-to-clean-your-hacked-wordpress-site\/\" target=\"_blank\" rel=\"noopener\">Jetpack<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.wpbeginner.com\/beginners-guide\/how-to-backup-your-wordpress-site\/\" target=\"_blank\" rel=\"noreferrer noopener\">WPBeginner<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/developer.wordpress.org\/advanced-administration\/security\/backup\/\" target=\"_blank\" rel=\"noreferrer noopener\">WordPress Developer Resources<\/a><\/li>\n<\/ul>\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Finding yourself with a compromised WordPress site and no restorable backup is a stressful situation \u2014 but not all is lost. With quick, methodical, and precise actions, it&#8217;s possible to clean the installation, restore the site&#8217;s integrity, and implement future defenses. This article guides you step-by-step with 5 key reflexes, each detailed with its rationale, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2692,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_vp_format_video_url":"","_vp_image_focal_point":[],"footnotes":""},"categories":[191],"tags":[],"class_list":["post-2697","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-web-design-en"],"uagb_featured_image_src":{"full":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss.jpg",1024,543,false],"thumbnail":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss-150x150.jpg",150,150,true],"medium":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss-300x159.jpg",300,159,true],"medium_large":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss-768x407.jpg",768,407,true],"large":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss.jpg",1024,543,false],"1536x1536":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss.jpg",1024,543,false],"2048x2048":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss.jpg",1024,543,false],"vp_sm":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss-500x265.jpg",500,265,true],"vp_md":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss-800x424.jpg",800,424,true],"vp_lg":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss.jpg",1024,543,false],"vp_xl":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss.jpg",1024,543,false],"vp_sm_popup":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss-500x265.jpg",500,265,true],"vp_md_popup":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss-800x424.jpg",800,424,true],"vp_xl_popup":["https:\/\/cassiopea.ca\/wp-content\/uploads\/2025\/10\/Cybersecurite-hack-wordpresss.jpg",1024,543,false]},"uagb_author_info":{"display_name":"Arthur Cotton","author_link":"https:\/\/cassiopea.ca\/en\/blogue\/author\/acotton\/"},"uagb_comment_info":0,"uagb_excerpt":"Finding yourself with a compromised WordPress site and no restorable backup is a stressful situation \u2014 but not all is lost. With quick, methodical, and precise actions, it&#8217;s possible to clean the installation, restore the site&#8217;s integrity, and implement future defenses. This article guides you step-by-step with 5 key reflexes, each detailed with its rationale,&hellip;","_links":{"self":[{"href":"https:\/\/cassiopea.ca\/en\/wp-json\/wp\/v2\/posts\/2697","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cassiopea.ca\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cassiopea.ca\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cassiopea.ca\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cassiopea.ca\/en\/wp-json\/wp\/v2\/comments?post=2697"}],"version-history":[{"count":0,"href":"https:\/\/cassiopea.ca\/en\/wp-json\/wp\/v2\/posts\/2697\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cassiopea.ca\/en\/wp-json\/wp\/v2\/media\/2692"}],"wp:attachment":[{"href":"https:\/\/cassiopea.ca\/en\/wp-json\/wp\/v2\/media?parent=2697"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cassiopea.ca\/en\/wp-json\/wp\/v2\/categories?post=2697"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cassiopea.ca\/en\/wp-json\/wp\/v2\/tags?post=2697"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}