In this article we'll go over steps you can follow to reinstall WordPress after a hack. Typically when a WordPress site is hacked it's because you're not running the latest secure version, or you have an outdated plugin or theme that's been compromised.
While sometimes you can simply remove malicious files that have been uploaded to the server, or remove maliciously injected code that has been inserted into your scripts. You might not clean up everything, and this could lead to further hacks being placed on your account. So opting to reinstall wordpress after a hack is a good option to use for peace of mind.
In the following example we're using a dummy website called PrimaryDomain.com. We noticed this site was hacked because it wouldn't load properly so we're going to reinstall WordPress and have it connect to our previous installation's database.
Also in this case our system administration department went ahead and quarantined our old WordPress installation outside of our /public_html/ directory. This helps ensure that no further malicious activity can take place until we secure our WordPress install.
In your favorite FTP client, open up the local folder \wordpress\.
You can then use Ctrl-A to select all the files.
Drag all those files onto the server into the /public_html/ directory.
After the upload completes, navigate to the /quarantine/ directory.
Right-click on wp-config.php, and select View/Edit.
You should be prompted to select an application to view the file, select Notepad
Then copy down your database information from the define('DB_...) settings.
If you access your site now, you'll see an error aboout no wp-config.php.
In your FTP client, navigate to the /public_html/ directory.
Right-click on wp-config-sample.php, and select View/Edit.
Open this file in Notepad, and fill in your database information you copied down.
Hit Ctrl-S to save the file, and your FTP client should prompt if you'd like to save the file back to the server.
Place a check beside Finish editing and delete local file if your FTP client gives you that option. Then click Yes.
In your FTP client, right-click on wp-config-sample.php and then select Rename.
Now rename the file to just wp-config.php.
At this point your site should be back up if you use a default theme.
If you used a custom theme, those files would have been quarantined along with your original WordPress installation.
In your FTP client, navigate to the /quarantine/wp-content/themes/ directory.
Now select and drag your custom theme folder to your local computer, here we used pinboard.
Navigate to the new /public_html/wp-content/themes/ directory on the server.
Then select and drag the pinboard directory you copied, into that directory.
Your WordPres site should now be available again, and free of hacks!
WordPress sites will vary greatly in their complexity depending on what all you've installed on them. You might need to reinstall plugins or make further adjustments to get your site back exactly as it was prior to being hacked.
The steps provided above should serve as a general guideline of how to quickly get a hacked or compromised WordPress installation reinstalled. That way you can at least access the admin panel again, and your visitors will be protected from any malicious code that was on the site.
n/a Points
|
2014-12-04 1:10 am
I don't know how to use an FTP.. is there a way to do this without that? |
Staff 17,314 Points
|
2014-12-04 1:26 am
Hello Eric,
Thanks for the question. The easiest way to do the file moves is to use an FTP client. If you require assistance, you can view the Getting Started Guide for FTP. You are welcome to try this using FTP, or you can try using the cPanel File Manager. I hope this helps to answer your question, please let us know if you require any further assistance. Kindest regards, Arnel C. |
Email: | support@WebHostingHub.com | Ticket: | Submit a Support Ticket |
---|---|---|---|
Call: | 757-416-6627 | Chat: | Click To Chat Now |
We value your feedback!
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
new! - Enter your name and email address above and we will post your feedback in the comments on this page!