5 {{ upvoteCount | shortNum }}
5 {{ upvoteCount | shortNum }}

Can Reinstal WP remove malicious script?

by vema123
4 replies
  • SEO
    • |
2 weeks ago my site was hacked & my friend found a malicious script in my WP file & after it was removed my site is back.

However the number of visitors has dropped significantly & I suspect there're still some scripts hidden in the file & thinking of removing my entire wordpress & reinstal the whole thing, & posting again the same posts & pages.

My question is:

- Can removing my wordpress & re-installing it remove (delete) the whole malicious scripts or viruses that might still be inside (hidden) the any folder or root?

thank you
#malicious #reinstal #remove #script
  • Profile picture of the author yukon
    Banned
    How to check your site for base64 links
    {{ DiscussionBoard.errors[9074188].message }}
  • Profile picture of the author nettiapina
    If you delete everything, and just move content to the new installation, you will usually get rid of the nasty stuff. Usually hackers target the PHP code because it allows more interesting hacks. Very few plant spam links in the content, but that's also a possibility.

    If deleting the site is not an option, I'd start by reinstalling the whole thing (WP and plugins), scanning it with Wordfence, going through the theme by hand, checking every upload folder for anything that shouldn't be there, and going through every index.php. This requires some idea what you're doing and what you're looking for. Usually hack code sticks out like a sore thumb.
    Signature
    Links in signature will not help your SEO. Not on this site, and not on any other forum.
    Who told me this? An ex Google web spam engineer.

    What's your excuse?
    {{ DiscussionBoard.errors[9075721].message }}
    • Profile picture of the author yukon
      Banned
      Originally Posted by nettiapina View Post

      If you delete everything, and just move content to the new installation, you will usually get rid of the nasty stuff.
      Not necessarily.

      If the problem was a theme or plugin it will still be a problem as long as the theme or plugin is still on the host.
      {{ DiscussionBoard.errors[9076231].message }}
      • Profile picture of the author nettiapina
        Originally Posted by yukon View Post

        If the problem was a theme or plugin it will still be a problem as long as the theme or plugin is still on the host.
        You're right, a hacked theme will not fix itself. If the site is build the way it's supposed to be build you can reinstall the parent theme and go through the handful of files in the active theme.

        If the problem is with a plugin you can hope that the developer has already published a new version, but of course that's not certain.

        BTW, having a malicious script can wreck your Google visibility. If you Google your own site (with site:sitename.tld) you should be able to see if Google thinks that there's something wrong with it. They also post a message to Webmaster Tools.
        Signature
        Links in signature will not help your SEO. Not on this site, and not on any other forum.
        Who told me this? An ex Google web spam engineer.

        What's your excuse?
        {{ DiscussionBoard.errors[9076653].message }}

Trending Topics