18 Responses

  1. vividvilla
    vividvilla June 3, 2013 at 16:08 | | Reply

    Removing Malicious Code in core files very difficult so what I do is replace all the core files with new WordPress files.I just exclude /wp-contents folder.

  2. Ivica Delic (@Free_lanceTools)
    Ivica Delic (@Free_lanceTools) June 3, 2013 at 20:19 | | Reply

    Or instead of performing steps 1 to 3 you use Anti-Malware (Get Off Malicious Scripts) plugin and scan/clean all your infected files without much hassle, at the speed of the light (as I did more then once) 🙂


    Try it – you’ll be amazed what this little piece of security art can do for your hacked/infected sites… oh yes, I didn’t mention it: IT’S FREE! 🙂

    Enjoy it…
    …. and prevention – it’s best protection, always.

  3. internetwise
    internetwise June 11, 2013 at 10:17 | | Reply

    great tips! looking forward to putting some new tricks to use 🙂

  4. Ken
    Ken June 11, 2013 at 22:48 | | Reply

    People often forget that they need to replace their WP authentication codes, as that can have a good impact on stopping users that already have access.

    I specialize in helping people with hacked WordPress sites: http://www.wpishacked.com

    Additionally, I’d highly recommend hardening your WP-includes folder after you’ve replaced the bunk files.

  5. Sean Walberg
    Sean Walberg June 15, 2013 at 05:20 | | Reply

    The Sucuri site doesn’t catch everything. I’ve been working on a tool that does some more elaborate tests to detect malware that tries to hide from regular detection. I have been seeing a lot of WP/Joomla/Drupal sites get hacked so I’ve been building tools to help me investigate them.

  6. Surendra Mishra
    Surendra Mishra July 21, 2013 at 17:10 | | Reply

    Hi jean, I would like a website which not only scan your domain but also remove malware and hacked content. Hackerninja.com all is free, please have a look and add your feedback. Best online scanner for WP and joomla.

  7. Michal Wendrowski
    Michal Wendrowski September 9, 2013 at 04:54 | | Reply

    Hey Jean, great post! Please also remember to turn on two-factor authentication (2FA).

    Our solution is Rublon, invisible 2FA. It protects your account from sign ins from unknown devices, even if your password gets stolen: http://wordpress.org/plugins/rublon/

  8. James
    James October 11, 2013 at 02:16 | | Reply

    Thanks for a great article with tips I will implement on my WordPress Site.
    One of my sites recently was hacked by the “Turkish Hacker – ET06”. I immediately panicked and began to look at code that may have been placed in some of the core file of WordPress.
    After some investigation, I found the problem was not as bad as I had originally thought.
    I was able to easily remove the problem and my site was up and running again in under 5 minutes.
    I have written an article that explains the steps I took to clean my WordPress site from the Turkish Hackers attach.
    My article is at: http://info4693.info/wordpress-site-hacked-by-turkish-hacker

  9. Michael
    Michael November 17, 2013 at 22:25 | | Reply

    The number one step to take when building a new WordPress site is without a doubt to update the WordPress secret key. I have never had an issue when this has been setup properly.

    On the flip side, every hacked site doesn’t have the secret key installed.

    It’s a must.


  10. Dave D
    Dave D January 28, 2017 at 19:19 | | Reply

    This is definitely becoming a common problem nowadays. So far my sites have been safe but better to be careful than not. This list will serve as a good resource for me and many others. Prevention is key, keeping everything up to date and having a security plugin installed properly is good practice as well.

  11. Asraf
    Asraf October 23, 2017 at 07:57 | | Reply

    Hi Jean Galea,

    I used Cwatch tool to recover my WordPress website, I strongly recommend you to use this tool, When compared to other tools or service provider it’s very affordable too.

Leave a Reply