Hi guys, i am running ubuntu 18.04 and ISPConfig 3 on my server. I had a problem that a Wordpress website was hacked. How is the best procedure when someone hack a website? thanks in advance for your kind help
Actually delete website and restore from backup. Else, reinstall all wordpress files, and then delete all files that have diffrent date/clock. And check database in all records for new users and posts. Next time, install Wordfence or Sucurity or similar firewall on all websites, these tools can also search for suspect content. And/or buy ISPprotect. https://ispprotect.com/
For a wordpress site specifically, I'd try https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/
