how do you clean wordpress site?

ron13315

Member
Joined
Jul 23, 2014
Messages
283
Points
18
Hey my wordpress site got infected. I found many malicious file in the wordpress folder that made my site down thats why I updated my wordpress core files manually.

The site is up and running now but I can see that it still creating a user automatically.

Do you have an idea how can I locate this wordpress virus that create users automatically?
 

Mivocloud

New member
Joined
Dec 22, 2020
Messages
13
Points
3
Hello,

1) You need to change the administrator password, FTP, SSH, Database and others.
2) Check your CRON rules.
3) Check the logs on your server, if it is shared, it is best to ask the support department to do this.
 

Marc van Leeuwen

Premium Member
Joined
May 29, 2016
Messages
1,132
Points
63
The site is up and running now but I can see that it still creating a user automatically.

Do you have an idea how can I locate this wordpress virus that create users automatically?
It requires a bit more skills to clean WP site when it got infected.
If your site is infected, then you better hire a specialist to fix the situation.
If you are not an expert in WP, you should go with this option :)
 

RenderedElite

Active member
Joined
Oct 15, 2015
Messages
155
Points
28
If you don't know what you're doing then hire a WordPress specialist ASAP. You can run a scan to check if any core WordPress files have been modified. If they have, then simply delete and replace them with a fresh copy. You will need to use FTP to login and do this, or even using the file browser from your cpanel will do. If you don't know how to manually check for modified WP files, then use something like Wordfence or Sucuri SiteCheck. Both are free.

Clean up all spam/malicious code, then delete all spam users and change your admin password. Install Wordfence or other security plugin and set it up right to keep your site safe. There's also a plugin called WPS Hide Login which helps prevent a lot of brute force attacks and other malicious behavior.

Good luck!
 

alexhost2

New member
Joined
Jan 30, 2021
Messages
5
Points
3
If is Shared Hosting, you should contact support. Because they are the only, who can check and have full access to more things, you can't do.

If is VPS, well first thing. I'm opinion you should have a old backup to prevent that.

Disable Plugins (Checking for vulnerabilities also)
Change Password and Email.
Limiting attempts to login in Wordpress Admin Panel
Reinstall SO (this can be done, in preventing way).
Check for infected files etc.
Changing SSH Port
Changing Root Privileges
Check permissions of folders, files etc
Also Check Logs.
 

analytify

New member
Joined
Apr 8, 2021
Messages
1
Points
0
use iThemes Security plugin, this plugin will help you to scan your whole website and secure your website from hacking attacks.
 

tayyabwpb

New member
Joined
Apr 6, 2021
Messages
29
Points
3
1. Remove Useless pages from your website
2. Remove unused CSS and JS filed from your website server
3. Remove WP Plugins that you are not using
4. Scan your website & Remove uselss files & Images from your website.
 

harrygreen90

Active member
Joined
Dec 17, 2013
Messages
413
Points
28
If your WordPress site has been infected with malware, it's important to take steps to remove it as soon as possible to prevent further damage. Here are some steps you can take to locate and remove the malware that is causing your site to create users automatically:
  1. Scan your site: Use a security plugin like Wordfence, Sucuri or Anti-Malware to scan your site and identify any malicious files.
  2. Remove malicious files: Delete any malicious files identified by the security scan.
  3. Check your database: Look for any suspicious or unauthorized users in your WordPress database and delete them.
  4. Check your themes and plugins: Make sure that all of your themes and plugins are up-to-date and delete any that are no longer needed or are not from reputable sources.
  5. Update your login credentials: Change your WordPress login credentials, including your username and password, to a strong and unique combination.
  6. Monitor your site: Regularly monitor your site for any signs of malware and continue to update your security measures to prevent future infections.
If you are unable to locate and remove the malware yourself, you may need to seek help from a professional website security service or WordPress developer.
 

Danetted

New member
Joined
Feb 22, 2022
Messages
15
Points
3
Have you solved your problem yet? If so, share your experience:unsure:
 
Older threads
Replies
91
Views
17,516
Replies
0
Views
1,679
Replies
0
Views
3,092
Replies
4
Views
3,183
Newer threads

Referral contests

Referral link for :

Sponsors

Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top