Due to the nature of (CMS) Open Source Content Management Systems like Wordpress and Joomla, although easy to use and customize they are very prompt to being hacked. Many users are usually not even aware they are using compromised themes and plugins when designing their CMS sites. Therefore causing their sites to be targeted. While our servers are properly hardened and secured, we will not have control over the security and software that customers upload or install on our servers.
Kindly refer below for the cleanup guide should your site be targeted and has been compromised.
Clean out everything in the account (some files might have security issues)
Install brand new latest version CMS (Wordpress/Joomla) in the account.
Set a different password (Control Panel/FTP/CMS/Database) and change it regularly.
Scan your PC/Laptop for any infections.
These links can confirm that the site is truly hacked.
There are some 3rd party hardening tools which could aid in simplifying the process. However please note 3rd party applications provided below are for references only and support should be requested from the respective 3rd party vendors. APC takes no responsibility arising from using these tools which could cause but not limited to lost of data, corrupted databases and other issues related to usage of said tools.