In this article we will discuss about the steps you want to take after a WordPress web site has been hacked to get your site back up and to run quickly. In many cases when a WordPress site is hacked, that is because you are not running the latest secure version of WordPress, or one of the plugins which you have installed is outdated and has been used by a hacker to exploit the site. At many times the hacker will inject malicious code in your PHP script which can make it very hard to clean up manually after the injections took place. In some case it might require our system administration department to quarantine your entire WordPress web site outside of your [/public_html] directory. So that we can ensure further hacks are not to take place and further damage is not done to your WordPress database.
When any type of malware will steal computer information such as process list and screen shots, which will send to the hackers who evaluate whether the infected machine is good enough to load the remainder of the malware package. This type of virus will contains many modules, some are taken from publicly freely source and some home made. The hackers or attackers also use to legitimate pen testing tools which can freely extract plain text passwords, PIN codes, tickets, hashes, login ID, account number, bank account details and many more from the memory of Windows machine. The malware can steal your all important information like bank account details, credit card number, login ID, passwords, your phone number, transaction details and so on from your Computer system memory that you will update on word press websites. Later they will send to the hackers for illegal purpose. So in this case we were simply going to reinstall WordPress and then link up the new install with our old database.
If your websites are infected with this type of virus then you must go through this link:- uninstall virus malware
However, if you ever wanted to scan your web site on your own to prevent PHP Shell scripts, then you can run your own virus scan on your account. Many up to date anti-virus program that can detect PHP Shell scripts.
To utilize this as a resource follow the steps below:
- Log into the your account via FTP.
- Download all their WordPress files to your local machine.
- Scan the files and folders with your anti-virus program.
- Your anti-virus program should notify you when the scan is complete. It should provide you with logs of which files contained PHP Shell scripts.