Todos when your Joomla site was hacked
Once your Joomla website was hacked, you should disable access to the website to avoid any further damage. As a webmaster you might be liable for problems caused by your website such as spreading malware to your visitors, using your web server to send out spam emails, etc. The process to take your website offline depends on your setup, the solution might be to simply rename the root directory as first measure. However, attacks follow different patterns and we strongly advise to consult an expert on this kind of matter.
Improve security in order to avoid further attacks
The question that comes into mind is what can be done to improve the security of your Joomla website and to avoid risks? Well, there are several things that should be done such as setting file rights properly, using secure credentials and passwords for all the accounts such as FTP, database and Joomla user accounts.
Backups should be carried out on a regular basis so that the project can be restored within a short time and to avoid longer downtime.
It might also be beneficial to arrange a service contract with a Joomla agency to outsource this kind of maintenance work so that you can focus on the content and your business. We are happy to get in contact to discuss any topics related to Joomla security and how to fix a hacked Joomla website.