So your site has been hacked, now what?
Contact your web hosting provider: Let them know your site has been compromised. They will be able to do damage assessment, check server logs for suspicious activities, unauthorized entries, and determine if other sites in their system have been affected by this as well.
Scan your computer: It’s possible your website was compromised through your desktop. Run a full anti-virus and malware scan on your computer.
Change your passwords: Make sure to change the passwords for all your accounts. Make sure to use mixed-case letters (a, A, b, B), numbers, punctuation (. , ! ?), and symbols ($ % #) when creating your passwords. You want to make sure you have a strong password. If multiple people have access to the site, make sure everybody has an unique username. Sharing a single login is convenient, but not a good idea.
Take your site offline: If you are able to take your site temporarily offline, you want to prevent your visitors from being exposed to potential harm. (Just until you know things have been fixed.)
Search Google and Bing: Perform a web search on your domain, look for unusual or malicious URLs (ex: site:YOURDOMAIN.com ).
Remove hacked pages from Google Search Results: Go to Google Webmaster Tools and use the URL Removal Tool. That will allow you to request the hacked pages removed from the search index. If you don’t have a Google account, you will need to sign-up for one. (It’s free.)
Restore site from a backup: If you have a clean backup version of your site and databases, re-upload it through FTP or SFTP.
Once you are back up, perform regular backups and and keep an eye on things.