My first step is but I was helped by it. I had a good old fashion pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me.) And then I did what I should have done before I even started my site. And here is where I want you to start. Learn hacked. The attractive thing about repair hacked wordpress site and why so many people recommend it is because it is easy to learn. That can be a detriment to the health of our websites. We have to learn how to add a safety fence around our site.
Backup plug-ins is also dig this significant. You want to backup discover this database and all the files so in case of a sudden attack, you can bring back your site like nothing.
Luckily, keeping your WordPress site up-to-date is one of the easiest things you can do. For the past couple of versions, WordPress has included the ability to install updates. A new update becomes available.
Note that this last step for new installations should only try. You need to change of the table names within the database, if you would like to get it done for existing installations.
However, I advise that you set up the Login LockDown plugin in place of any.htaccess controls. Login requests will stop from being permitted from a specific IP address for an hour after three failed login attempts. You my link can still get into your admin panel while away from your office, and yet you have protection against hackers, if you do that.