Nice article from the folks behind the Sucuri Security Plugin.
1. Identify Hack
- Install the Sucuri Plugin
- Scan Your Site
- Check Core File Integrity
- Check Recently Modified Files
- Confirm User Logins
2. Remove Hack
- Clean Hacked Website Files
- Clean Hacked Database Tables
- Secure User Accounts
- Remove Hidden Backdoors
- Remove Malware Warnings
3. Post-Hack
- Update and Reset
- Harden WordPress
- Set Backups
- Scan Your Computer
- Install Website Firewall