Yakezie.com - Topic: Infected WordPress Files

Edward Antrobus on Infected WordPress Files

Sat, 10 May 2014 12:09:42 +0000

colormefrugal said:

Does anybody know how this happens or what we could do to prevent Wordpress files from being infected? I know there are paid programs that you can use that charge so much per month but I've tried to avoid that so far. I do have Wordfence and another security plugin installed on my site. Is that enough?

Make sure you have strong passwords everywhere. WP login, database, hosting, etc. Limit login attempts. If your home IP address is stable, you can even limit access to the login page to that IP address. You can't hack what you can't see...

Besides that, always make sure WP and all plugins are kept up-to-date. Limit plugins to those you absolutely need and drop any that haven't been updated in a while.

colormefrugal on Infected WordPress Files

Sat, 10 May 2014 09:48:34 +0000

Does anybody know how this happens or what we could do to prevent Wordpress files from being infected? I know there are paid programs that you can use that charge so much per month but I've tried to avoid that so far. I do have Wordfence and another security plugin installed on my site. Is that enough?

moneystepper on Infected WordPress Files

Wed, 07 May 2014 11:07:15 +0000

Phez - glad you got it sorted. Thanks for the reminder to back up regularly!! :)

Buck Inspire on Infected WordPress Files

Mon, 28 Apr 2014 17:49:14 +0000

Hi Marie, Edward, and Eric,

Thanks for your replies! I did a search for infected WordPress files and followed some of the articles.

I backed up everything I could. My WordPress directories and database files via my webhost Control Panel.

I moved my directories into a new infected folder and started to delete all files with issues according to my webhost scans.

I downloaded the latest version of WordPress, 3.9 at the time, unzipped them and uploaded them back to my webhost.

I opened my old wp-config.php file and copied my database name, username, and password.

I pasted this information into the wp-config sample file and renamed it wp-config.php.

I moved my clean files back into their original locations (pictures, audio files, etc.)

I uploaded the htaccess file back to its original location. Without it, all my links were broken.

I reinstalled plugins.

I hope no one needs to go through this, but if you do, the best advice I saw was stay calm. Also, I changed my passwords and will setup a backup schedule to regularly backup my files.

Buck

Eric - PersonalProfitability.com on Infected WordPress Files

Mon, 28 Apr 2014 10:07:43 +0000

I would scan with Wordfence, that may be able to fix everything.

Edward Antrobus on Infected WordPress Files

Fri, 25 Apr 2014 08:31:08 +0000

As long as the database isn't infected, you can back that up now and then do a fresh WordPress install

FamilyMoneyValues on Infected WordPress Files

Thu, 24 Apr 2014 13:49:22 +0000

What a bummer!
Does your host have any backup that you could use?
Are they sure the core files are infected?
I hate to say it but you may have to take the backup you do have and reapply your updates.

Buck Inspire on Infected WordPress Files

Tue, 22 Apr 2014 09:33:22 +0000

Hi All,

My webhost suspended my site because almost all my WordPress files got infected over the weekend. I've been deleting plugins, but am not sure how to deal with the core files. My backup isn't up to date and I've been through a few updates. Does anyone have a good reference on how to deal with this? Thanks!