OK so someone has somehow managed to hack into one of my wordpress sites. The site is villaalexandra.co.uk
I have managed to login to the backend and ftp and have found someone has placed a html file in htdocs which led to a "hacked by hacker" webpage being shown as the homepage.I've deleted this file and reinstalled wordpress but the page is still showing. Cache? (I have no caching plugins)
The theme files all seem OK so don't think it's that.
Quite worrying that someone managed to place a file in the website's root. Any idea how I find out how they did it?