So, your wordpress site has been hacked…<\/p>\n
Hidden php file that contains the malicious code. <\/p>\n
1. Make a backup of your site including the database.
\nIn your control panel there should be a backup application to make a backup of your entire site. Once the backup is complete, download the created file.
\nUse ftp to copy your entire site to your local computer.
\nUse phpmyadmin to make a dump (copy) of the database. <\/p>\n
It is better to have to many backups then not enough and lose your data. <\/p>\n
2. Make a screen shot of your plugins and themes (optional as you do have the names and files in the backups) <\/p>\n
3. Remove all plugins and themes and see if that gets rid of the malicious code. <\/p>\n
If that does not remove the malicious code then the site needs to be deleted and re-created. <\/p>\n
4. Remove wordpress from your installed applications in your control panel. This will delete permanently the wordpress site. <\/p>\n
5. Re-install wordpress in your control panel and make sure that wordpress is up to date. <\/p>\n
6. Edit the mysql database dump file and change the name of the database to be the newly created database name. <\/p>\n
7. Inside of phpmyadmin, remove all the tables that wordpress created. <\/p>\n
8. Import the database dump file. When it is imported, it will create all of the tables that were just deleted. <\/p>\n
9. Verify that the site comes up with the correct data and that the malicious code has been removed. <\/p>\n
10. Re-install any plug-ins and themes. <\/p>\n
11. Copy the uploaded files that was in the original site. Typically these files are under \/wordpress\/wp-content\/uploads <\/p>\n","protected":false},"excerpt":{"rendered":"
So, your wordpress site has been hacked… Hidden php file that contains the malicious code. 1. Make a backup of your site including the database. In your control panel there should be a backup application to make a backup of your entire site. Once the backup is complete, download the created file. Use ftp to […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[29],"tags":[102],"_links":{"self":[{"href":"http:\/\/jefftangen.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/891"}],"collection":[{"href":"http:\/\/jefftangen.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/jefftangen.com\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/jefftangen.com\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/jefftangen.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=891"}],"version-history":[{"count":1,"href":"http:\/\/jefftangen.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/891\/revisions"}],"predecessor-version":[{"id":892,"href":"http:\/\/jefftangen.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/891\/revisions\/892"}],"wp:attachment":[{"href":"http:\/\/jefftangen.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=891"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/jefftangen.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=891"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/jefftangen.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=891"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}