Many have problem with hacked WordPress sites.
Here is my workflow when a client hire me to fix it.
Please let me know if you do any thing else to a hacked WP.
Depending on the amount of plug-ins, uploads folder size, where to get the original theme and plugins, and ftp server speed, it takes me from 30 min. to clean a WP.
Thanks!
The 10 step guide to clean a hacked WP.
1)
Take a back-up
2)
Remove everything but the uploads folder. Save the DB connections from the wp-config.php for later use.
3)
Clean the uploads folder for all .htaccess (hidden) and php files.
4)
Install WP, theme and all plug-ins from there sources. Only install plug-ins that you REALLY need. Change the wp-config.php DB connection.
5)
Delete all unknown users i the DB.
6)
Change all passwords in the db and the server. And change the SALT key in the wp-config.php.
7)
Do this search in the DB and take a close look at all the results:
SELECT * FROM wp_posts WHERE post_content LIKE ‘%<iframe%’
UNION SELECT * FROM wp_posts WHERE post_content LIKE ‘%<noscript%’
UNION SELECT * FROM wp_posts WHERE post_content LIKE ‘%display:%’
8)
And the same with this SQL:
SELECT * FROM wp_postmeta WHERE meta_value LIKE ‘%<iframe%’
UNION SELECT * FROM wp_postmeta WHERE meta_value LIKE ‘%<noscript%’
UNION SELECT * FROM wp_postmeta WHERE meta_value LIKE ‘%display:%’
9)
Install a plugin like iThemes Security.
10)
Go live and pray 🙂
If the problem still there, then it’s one of the plugins, the theme or the server.
Also change SALTs in wp-config
Sent from my Samsung Galaxy smartphone.
