When you have been hacked there is only one safe way to deal with it, replace all the code with new fresh code so that you are 100% sure there are no back doors left.
// First go to your server with SSH # ssh [email protected] // Change to the WordPress install # cd ~/public // Replace all WordPress.org repository plugins # wp plugin install $(wp plugin list ——field=name) ——force
This process can also be useful to those that have FTP uploaded plugins and have old unused code in their directories which were not over written during the upload process.
With Pro plugins, you will most likely have to do this process by hand. It will always be quicker to remove the old directory before uploading via the command line as you can delete whole directories in one go. If you use FTP to delete it will delete each file and sub-directory separately before deleting the parent directory, thus taking much more time.
// First go to your server with SSH if you are not already there # ssh [email protected] // Change to the plugins directory # cd ~/public/wp-content/plugins // Remove the plugin directory by name # rm -rf plugin-name
Be very careful when using rm -rf it means “force remove recursively everything below this point”.
Give us your feedback on this article
Want to speed up your site, easily?
Set up your site on Servebolt, free of charge for 14 days, and see for yourself how fast it can be on our extremely fast hosting.
A faster site converts better, ranks better on Google, and is better for the climate.