Engaging an expert is always recommended to clean up WordPress sites. Cleaning up is not entirely complicated, however requires some patience in order to complete the process.
If you must perform the clean up manually, you may refer to the steps below.
1. Record down the theme and plugins in use on the website.
2. Download clean copy of WordPress core files, themes and plugins from official WordPress repository or official marketplace (for premium/paid themes and plugins).
3. Backup your web files and database before performing the clean up.
4. Delete all files in the web root folder except wp-content, wp-config.php and .htaccess.
5. Inspect wp-content folder, wp-config.php and .htaccess file to ensure there is no suspicious code in the files.
6. Delete all files in wp-content/themes.
7. Delete all files in wp-content/plugins.
8. Upload clean copy of WordPress core, themes and plugins to your web server.
9. Change all passwords (including WordPress admin, FTP, control panel and database) to a new, strong password. Do not use back old password for security purpose.
10. Update new database password in wp-config.php.
11. Replace secret key in wp-config.php to force active users to log off from active session.
12. Upgrade WordPress core, plugins and themes to the latest version.
13. Re-scan the website once it is cleaned and patched to the latest version.
- 7 användare blev hjälpta av detta svar