I have searched around and seen 'what to do if your site is hacked', and I'm not (necessarily!) looking for a plug in. The site I look after was hacked a while ago and I think all is well now. I think I fixed it and I get a clean bill of health from Wordfence. I am getting the occasional report of malicious code warnings in Chrome always reports from people who were told by someone else and I'm struggling to track it down. My suspicion is that it's some kind of caching and the site is clean now (I don't get it on any browser I've tried on 3 or 4 machines). I just wondered that sounded plausible or if there is anything anyone would recommend before / until I can find someone who has actually had the problem !?
I have searched around and seen 'what to do if your site is hacked', and I'm not (necessarily!) looking for a plug in. The site I look after was hacked a while ago and I think all is well now. I think I fixed it and I get a clean bill of health from Wordfence. I am getting the occasional report of malicious code warnings in Chrome always reports from people who were told by someone else and I'm struggling to track it down. My suspicion is that it's some kind of caching and the site is clean now (I don't get it on any browser I've tried on 3 or 4 machines). I just wondered that sounded plausible or if there is anything anyone would recommend before / until I can find someone who has actually had the problem !?
Share Improve this question asked May 11, 2019 at 9:39 gringogordogringogordo 1011 bronze badge1 Answer
Reset to default 1If you want to be certain your site is clean, you can either start with a fresh install of WordPress, all of your plugins and the theme. An alternative would be to use the WP CLI verify-checksums to check your core and plugins for any modifications.
Perhaps the hardest one to clean is your database as malicious code could be hiding in any number of tables. Take a backup first before you do any sort of cleanup, and then you can start to look for common malicious code markers such as PHP eval, base64_decode, gzinflate, shell_exec etc. Take a look at this article for some further explanation on these.
The How to Clean a WordPress Hack article on the Securi website is also worth a read.