how do you clean wordpress site?

ron13315

Member
Joined
Jul 23, 2014
Messages
276
Points
18
Hey my wordpress site got infected. I found many malicious file in the wordpress folder that made my site down thats why I updated my wordpress core files manually.

The site is up and running now but I can see that it still creating a user automatically.

Do you have an idea how can I locate this wordpress virus that create users automatically?
 

Mivocloud

New member
Joined
Dec 22, 2020
Messages
15
Points
3
Hello,

1) You need to change the administrator password, FTP, SSH, Database and others.
2) Check your CRON rules.
3) Check the logs on your server, if it is shared, it is best to ask the support department to do this.
 

Marc van Leeuwen

Premium Member
Joined
May 29, 2016
Messages
878
Points
28
The site is up and running now but I can see that it still creating a user automatically.

Do you have an idea how can I locate this wordpress virus that create users automatically?
It requires a bit more skills to clean WP site when it got infected.
If your site is infected, then you better hire a specialist to fix the situation.
If you are not an expert in WP, you should go with this option :)
 

RenderedElite

Active member
Joined
Oct 15, 2015
Messages
121
Points
28
If you don't know what you're doing then hire a WordPress specialist ASAP. You can run a scan to check if any core WordPress files have been modified. If they have, then simply delete and replace them with a fresh copy. You will need to use FTP to login and do this, or even using the file browser from your cpanel will do. If you don't know how to manually check for modified WP files, then use something like Wordfence or Sucuri SiteCheck. Both are free.

Clean up all spam/malicious code, then delete all spam users and change your admin password. Install Wordfence or other security plugin and set it up right to keep your site safe. There's also a plugin called WPS Hide Login which helps prevent a lot of brute force attacks and other malicious behavior.

Good luck!
 

alexhost2

New member
Joined
Jan 30, 2021
Messages
5
Points
3
If is Shared Hosting, you should contact support. Because they are the only, who can check and have full access to more things, you can't do.

If is VPS, well first thing. I'm opinion you should have a old backup to prevent that.

Disable Plugins (Checking for vulnerabilities also)
Change Password and Email.
Limiting attempts to login in Wordpress Admin Panel
Reinstall SO (this can be done, in preventing way).
Check for infected files etc.
Changing SSH Port
Changing Root Privileges
Check permissions of folders, files etc
Also Check Logs.
 

analytify

New member
Joined
Apr 8, 2021
Messages
1
Points
0
use iThemes Security plugin, this plugin will help you to scan your whole website and secure your website from hacking attacks.
 

tayyabwpb

New member
Joined
Apr 6, 2021
Messages
29
Points
3
1. Remove Useless pages from your website
2. Remove unused CSS and JS filed from your website server
3. Remove WP Plugins that you are not using
4. Scan your website & Remove uselss files & Images from your website.
 
Older threads
Replies
91
Views
10,952
Replies
0
Views
949
Replies
0
Views
1,964
Replies
4
Views
1,998
Newer threads
Recommended threads
Replies
3
Views
435
Replies
8
Views
1,293
Replies
4
Views
2,157
Replies
6
Views
2,943
Replies
8
Views
2,505

Referral contests

Referral link for :

Sponsors

Latest Blog ArticlesMost Viewed Threads

Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top