Re-Installing WordPress after being hacked

I created a new mySQL database just to be safe.
All questions above are still unresolved.

After editing the wp-config file I did the following:
https://johnsmith.com/wp-admin/install.php to access the setup page.
(johnsmith.com is not the actual domain name).
I received the follwing:
The webpage at https://johnsmith.com/wp-admin/install.php has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
I deleted cookies, no change.
How do I know if I set up the SQL database properly?
Is it normal that the size is at 0mb?

I created a new mySQL database just to be safe.
All questions above are still unresolved.

But you seem to have worked out the answers to most of them. ??

What is the actual domain name?

teentourtheatre.com

I get this:

Fatal error: Cannot redeclare iis7_supports_permalinks() in /home/teentour/public_html/wp-admin/includes/misc.php on line 384

I’ve never dealt with that, but I did find this thread.

replace wp-admin folder and see it resolves your problem.

Govpatel,

Thank you very much that solved the problem.
Once I am set up can I replace the entire contents of that folder to the wp-admin folder that I have backed up before my site was hacked?

You are welcome
You can use the one you have working now no need to go back to the one you backed up.

As someone who has been hacked, what is the minimum I should do to keep my site safe?

Start here:

https://codex.www.ads-software.com/Hardening_WordPress

Apljdi, thanks but as a newbie it would be great to have specific examples of what to do. The link has alot of info but covers the topic in general.

Seriously, start at the top of that file, read the first point, understand it and implement it. Then move on. Ask about particular point that you don’t understand in the forums. Server security is not simple– consider that very big companies with well paid and well trained network security people do get hacked. So start at the top and expect to have to learn things, but WordPress has probably the most helpful user-based support I’ve ever seen.

Ok point well taken. I guess the most important thing for me is to have a backup of the site. When I first created the site for some reason I backed the wp-admin file. Is this a backup of only code that was edited?
Once the site is re-created I want to do a proper backup, what would be your suggestion?
BTW thx for all the help , it is much appreciated.

I guess the most important thing for me is to have a backup of the site.

Yep. Keep a recent backup of the database and the php/css files.

You shouldn’t really be editing anything in the wp-admin folder. Most everything you edit will be in wp-content. That is most critical. For that, I’d use FileZilla. Your content– posts, pages, categories, comments, all that stuff– is in the database. For that use PhpMyAdmin if you have it available. It has to run on your server but it is pretty common. And never, ever edit backups. Once you do they are no longer backups. ?? Edit copies of backups.

Thx. So for any php files I edited, will they be in wp-content folder?

It’s in my theme folder – never mind.