If you think your WordPress website has been hacked, the first thing to do is a full backup. Now that may not be as straightforward as normal. If your backups are done via a WordPress plugin and your site is broken, then you have a major problem. Contact your web hosting provider and get them to do a manual backup of the whole site. Note don’t overwrite your only good backup with this backup as you may need to restore the WordPress files and possibly the WordPress database.

If you are not technical, you will need to call on your web hosting provider to help you. Now some web hosts don’t provide this service so you may need to call on a professional (that’s us… )

Often the first thing a hack(er) will do is disable access to your site for everyone but them. Again your hosting provider may need to help you here. A full restore of the WordPress files and the WordPress database may give get your access back. Bare in mind you don’t know when the site breach occurred. Often file timestamps are used to determine when the intrusion occurred. That does not always work as the hacker may have ensured the hack files had timestamps of a few months ago so this is not necessarily a good guide.