Replace domain in database

I agree that the Better Search and Replace plugin is great for search/replace of the WP database.

But be aware that there are many other things you need to do to recover a hacked site. There are many places to get that info, but when I do it, I

  • change all credentials/passwords: database, FTP, hosting, admin-level
    users

  • reinstall WP (from the Updates screen), then reinstall all
    plugins/themes from original sources

  • Look closely at all files for modified dates that are not ‘right’
    (using the hosting/FTP file manager to sort by date is helpful; most
    valid files will have similar dates)

  • Remove access to the xmlrpc.prg fle – that is a great attack vector

  • Check for any file names that are not expected. And check everywhere.

Details on how I recover from a hacked site are more than can be placed in an answer here. But I’ve detailed my procedure here, which may be helpful. It is possible to recover a hacked site, but it does take some effort. And it will take a while for the search engines to get the changes updated after you fix things.

Related Posts:

  1. Verifying that I have fully removed a WordPress hack?
  2. If a hacker changed the blog_charset to UTF-7 does that make WordPress vulnerable to further attacks?
  3. Tips for finding SPAM links injected into the_content
  4. What should I do about hacked server?
  5. How can I find security hole in my wordpress site?
  6. How to prevent bot or someone to modify any file automatically?
  7. wp-config.php modified?
  8. Suspicious Files
  9. How to prevent wp-login brute force attack from thousand of different IP? [duplicate]
  10. Malware script in database post table only? [closed]
  11. Verifying that I have fully removed a WordPress hack?
  12. How can I safely hide the fact that my website runs on WordPress? [closed]
  13. My WordPress Websites are always under attack
  14. How to find exploited wordpress plugin [closed]
  15. Any known bugs that could cause disappearance of the wp_users table?
  16. On new server, site got hacked, permissions a bit strange? Please help
  17. Remove hacked code – out of ideas! [closed]
  18. WordPress Database Re-installed (Hacked)
  19. Verifying that I have fully removed a WordPress hack?
  20. Could a user account with a stolen password compromised entire WP site?
  21. how to find the way they hacked my WP site
  22. How to stop repeated hack on header.php of custom theme? [closed]
  23. Is my WP site being hacked?
  24. Should WordPress Add Options to Enhance Security or Leave it to plugin developers? [closed]
  25. WordPress Hacks/Defacing [closed]
  26. what is a auth_user_file.txt?
  27. Is moving wp-config outside the web root really beneficial?
  28. Best way to eliminate xmlrpc.php?
  29. Should I remove install.php and install-helper.php?
  30. How do I technically prove that WordPress is secure?
  31. Which KSES should be used and when?
  32. Disable comment windows for all existing posts (pages/blogposts)
  33. How Attackers write script into my php files?
  34. Generate WordPress salt
  35. Vanilla WordPress install, what can/should I put in disable_functions?
  36. Stop wordpress automatically escaping $_POST data
  37. Secure my “add_settings_field” translation?
  38. how can i embed wordpress backend in iframe
  39. Handling nonces for actions from guests to logged-in users
  40. WordPress Logout Only If User Click Logout or If User Delete Browser History
  41. Can I force a password change?
  42. What is pclzip.lib.php file that wordfence think it’s a malicious code
  43. How to disable XML-RPC from Linux command-line in a total way?
  44. How to remove javascript malware in wordpress site [closed]
  45. Completely remove the author url
  46. Securing my WordPress Files and Directories
  47. Restricting access to content
  48. About WordPress site security
  49. Single sign-on: wp_authenticate_user vs wp_authenticate
  50. How to allow internal links using wp_kses filtration
  51. hSite has no css on mobile [closed]
  52. How does Cross Site Scripting (XSS) work exactly? [closed]
  53. How does the “authentication unique keys and salts” feature work?
  54. vs WordPress Security
  55. esc_html__ security : what for in this example?
  56. wp-config.php being written by attacker
  57. XML-RPC errors they know my username?
  58. Is [admin / admin] acceptable for all local websites?
  59. Simple Online Payment for Event Registration [closed]
  60. What may be causing failure of auto-install features in WordPress (v3.0.3)?
  61. Client side HTTP parameter pollution (reflected)
  62. Local file inclusion critical security issue [closed]
  63. Best practices to assert current_user_can() with guests
  64. XMLRPC slow and weird websites/services
  65. Is it safe to hand over the admin rights?
  66. Hack-Proof OR Security in WordPress — is it real?
  67. How I can open back door for myself?
  68. Basic password protection without using users and roles
  69. How can I force a specific password?
  70. malware undetectable by multiple scans
  71. Who updates the wp-admin/core file?
  72. How WordPress sanitizes post content on save? Or it doesn’t?
  73. Security issue with ‘paged’ and ‘posts_per_page’ parameters taken directly from a POST request?
  74. How to prevent to direct access of my custom plugin folder/files
  75. Checking for origin of a xmlrpc request
  76. RESTRICT EDIT of PHP files?
  77. wp-content – permissions for files/folders created by apache
  78. How can I restrict access to specific parts of a page, not just the page itself?
  79. User generated content and security
  80. Monitor wordpress all external calls
  81. Is it safe to use the basic administration with reduced rights for private member space
  82. Securing WordPress running on Azure platform
  83. Spam Registrations
  84. How can I have more confidence that WP plugins aren’t getting and storing user data?
  85. Standard Method for Securing a WordPress Site
  86. wordpress security (only one part of the site)
  87. Avoid ‘uploads’ 777 permissions: Potential threat or clean solution?
  88. Any way to disable /wp-login.php redirecting to the site folder?
  89. Folder Permissions + Security Concerns
  90. Malware/Permission bug removal?
  91. Step by Step Instructions for Making Media/Uploads Private to Only Logged-In Users
  92. Secure a WordPress website in 2019: one plugin or a combinations of them?
  93. What are the different types of firewall protections available for a WordPress website?
  94. Run a security scan on WordPress site that has .htaccess password [closed]
  95. Is this a WordPress security bug?
  96. Competitor is somehow accessing MetaData on a hidden WordPress site
  97. How do you search for backdoors from the previous IT person?
  98. Why is SSH password authentication a security risk?
  99. Is wp-cron.php vulnerable to external attacks and how to protect it?
  100. How to address security vulnerabilities: LUCKY13, BEAST, and BREACH