wp-config.php
Check wp-config.php and make sure the settings are correct and there are no header lines that are extra.
Cleanup files
SSH to server
Change to root folder of website
On Enhance control panel: this can be done by
# Get list of users:
cut -d: -f1 /etc/passwd
# Change into user with problem:
sudo su xx-username-xx
#go to folder:
cd /var/www/xxxxxxxxx/public_html
# Download Wordpress core files and overwrite
# rm -r ../.wp-cli
wp core download --force
# Remove extra files in core folders
wp core verify-checksums &> checksum_output.txt
grep "should not exist" checksum_output.txt > files_to_delete.txt
awk '{print $6}' files_to_delete.txt > paths_to_delete.txt
xargs rm < paths_to_delete.txt
rm checksum_output.txt
rm files_to_delete.txt
rm paths_to_delete.txt
# Remove all 0 byte php files in a date range:
find . -type f -name "*.php" -size 0 -newermt 2024-10-20 ! -newermt 2024-10-30 -exec rm {} \;
Plugins
If you are still getting a white screen, rename the plugins folder in wp-content.
Themes and Plugins
At this point login to the Wordpress admin and update all themes and plugins. Also delete plugins that are fake. A giveaway sign is that they don't have auto update options.
Users
Remove all unnecessary users, and change the passwords of the users you keep. Also use the logout of everywhere else button.
Wordfence
Install the Wordfence plugin
Enable the Wordfence firewall
Do a standard or high sensitivity scan
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article