how do you clean wordpress site?

[ron13315]

Hey my wordpress site got infected. I found many malicious file in the wordpress folder that made my site down thats why I updated my wordpress core files manually.

The site is up and running now but I can see that it still creating a user automatically.

Do you have an idea how can I locate this wordpress virus that create users automatically?

 

[Mivocloud]

Hello,

1) You need to change the administrator password, FTP, SSH, Database and others.
2) Check your CRON rules.
3) Check the logs on your server, if it is shared, it is best to ask the support department to do this.

 

[Dopani]

Dopani

It is just the way to make your website secure, not make your wordpress website clean

 

[Traffic]

I can install wordpress in my server with one click so no big deal to make another install. Just takes up loads of space which can free up deleting later.

 

[Krospix]

If your site is infected, then you better hire a specialist to fix the situation.

 

[Marc van Leeuwen]

The site is up and running now but I can see that it still creating a user automatically.

Do you have an idea how can I locate this wordpress virus that create users automatically?

It requires a bit more skills to clean WP site when it got infected.
If your site is infected, then you better hire a specialist to fix the situation.

If you are not an expert in WP, you should go with this option

 

[RenderedElite]

If you don't know what you're doing then hire a WordPress specialist ASAP. You can run a scan to check if any core WordPress files have been modified. If they have, then simply delete and replace them with a fresh copy. You will need to use FTP to login and do this, or even using the file browser from your cpanel will do. If you don't know how to manually check for modified WP files, then use something like Wordfence or Sucuri SiteCheck. Both are free.

Clean up all spam/malicious code, then delete all spam users and change your admin password. Install Wordfence or other security plugin and set it up right to keep your site safe. There's also a plugin called WPS Hide Login which helps prevent a lot of brute force attacks and other malicious behavior.

Good luck!

 

[Traffic]

Create new directory and redo the site then import posts etc the amount of time to find individual files will determine why a new install is only real solution. What is actually wrong if you php changed etc then it may stop site functioning.

 

[alexhost2]

If is Shared Hosting, you should contact support. Because they are the only, who can check and have full access to more things, you can't do.

If is VPS, well first thing. I'm opinion you should have a old backup to prevent that.

Disable Plugins (Checking for vulnerabilities also)
Change Password and Email.
Limiting attempts to login in Wordpress Admin Panel
Reinstall SO (this can be done, in preventing way).
Check for infected files etc.
Changing SSH Port
Changing Root Privileges
Check permissions of folders, files etc
Also Check Logs.

 

[analytify]

use iThemes Security plugin, this plugin will help you to scan your whole website and secure your website from hacking attacks.

 

[tayyabwpb]

1. Remove Useless pages from your website
2. Remove unused CSS and JS filed from your website server
3. Remove WP Plugins that you are not using
4. Scan your website & Remove uselss files & Images from your website.

 

[harrygreen90]

If your WordPress site has been infected with malware, it's important to take steps to remove it as soon as possible to prevent further damage. Here are some steps you can take to locate and remove the malware that is causing your site to create users automatically:

1. Scan your site: Use a security plugin like Wordfence, Sucuri or Anti-Malware to scan your site and identify any malicious files.
2. Remove malicious files: Delete any malicious files identified by the security scan.
3. Check your database: Look for any suspicious or unauthorized users in your WordPress database and delete them.
4. Check your themes and plugins: Make sure that all of your themes and plugins are up-to-date and delete any that are no longer needed or are not from reputable sources.
5. Update your login credentials: Change your WordPress login credentials, including your username and password, to a strong and unique combination.
6. Monitor your site: Regularly monitor your site for any signs of malware and continue to update your security measures to prevent future infections.

If you are unable to locate and remove the malware yourself, you may need to seek help from a professional website security service or WordPress developer.

 

[Danetted]

Have you solved your problem yet? If so, share your experience