how do you clean wordpress site?

ron13315

Member
Joined
Jul 23, 2014
Messages
275
Points
18
Hey my wordpress site got infected. I found many malicious file in the wordpress folder that made my site down thats why I updated my wordpress core files manually.

The site is up and running now but I can see that it still creating a user automatically.

Do you have an idea how can I locate this wordpress virus that create users automatically?
 

Mivocloud

New member
Joined
Dec 22, 2020
Messages
15
Points
3
Hello,

1) You need to change the administrator password, FTP, SSH, Database and others.
2) Check your CRON rules.
3) Check the logs on your server, if it is shared, it is best to ask the support department to do this.
 

Marc van Leeuwen

Premium Member
Joined
May 29, 2016
Messages
858
Points
28
The site is up and running now but I can see that it still creating a user automatically.

Do you have an idea how can I locate this wordpress virus that create users automatically?
It requires a bit more skills to clean WP site when it got infected.
If your site is infected, then you better hire a specialist to fix the situation.
If you are not an expert in WP, you should go with this option :)
 

RenderedElite

Member
Joined
Oct 15, 2015
Messages
117
Points
18
If you don't know what you're doing then hire a WordPress specialist ASAP. You can run a scan to check if any core WordPress files have been modified. If they have, then simply delete and replace them with a fresh copy. You will need to use FTP to login and do this, or even using the file browser from your cpanel will do. If you don't know how to manually check for modified WP files, then use something like Wordfence or Sucuri SiteCheck. Both are free.

Clean up all spam/malicious code, then delete all spam users and change your admin password. Install Wordfence or other security plugin and set it up right to keep your site safe. There's also a plugin called WPS Hide Login which helps prevent a lot of brute force attacks and other malicious behavior.

Good luck!
 

alexhost2

New member
Joined
Jan 30, 2021
Messages
5
Points
3
If is Shared Hosting, you should contact support. Because they are the only, who can check and have full access to more things, you can't do.

If is VPS, well first thing. I'm opinion you should have a old backup to prevent that.

Disable Plugins (Checking for vulnerabilities also)
Change Password and Email.
Limiting attempts to login in Wordpress Admin Panel
Reinstall SO (this can be done, in preventing way).
Check for infected files etc.
Changing SSH Port
Changing Root Privileges
Check permissions of folders, files etc
Also Check Logs.
 
Older threads
Replies
91
Views
9,915
Replies
0
Views
691
Replies
0
Views
1,686
Replies
4
Views
1,710
Newer threads
Latest threads
Replies
6
Views
61
Replies
0
Views
33
Replies
2
Views
87
Replies
2
Views
100
Replies
2
Views
83

Latest postsNew threads

Referral contests

Referral link for :

Sponsors

Latest Blog ArticlesMost Viewed Threads

Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top