Build Your Own Business Website header image

How to Identify and Repair a Hacked WordPress Site – Step 3 – Remove the Existing WordPress Installation

Difficulty Level -

Filed Under Topics -

Listed Under Lesson Subjects -

Applies to -

Whoops, you've found some premium content!

Watch the opening clip of this video to preview it,
the full video is available to paid members.

We’re on to step 3 of fixing a hacked WordPress site after having done all the preparatory work for the site repair.

Both BackupBuddy and Sucuri Find Malware

Someone pointed out here earlier that BackupBuddy can also identify malware. So if you’re using BackupBuddy you can use the malware skin. We did that during the break and found that it found the same kinds of things that Sucuri did, so you can also use this as a tool for identifying hacking.

Remove WP in Your Control Panel

The next step in this process then is to remove the existing WordPress installation and we’re going to do that inside of her GoDaddy control panel here. So here I am in File Manager and that’s her database stuff, we don’t want to be there.

So we’ll just come over back over to upload files now. What we’re going to do is create a new folder and we’re going to call it So we’ve got created that and now what we’re going to do is move all of her WordPress files and folders into that. That means wp-admin, wp-content, wp-includes and we’ll hit move for those. We’re going to move those into there and say okay.

Then we’re going to come down here and we’re going to move this .htaccess. We’ll leave 10-secrets-to-acing-organic-chemistry there but we’ll move backupbuddy and this database and leave favicon here, we’ll leave gdform, index, license, missing.html. We’ll leave the php.ini files in here, they’re not technically speaking WordPress files, they’re more server files. And we’re going to assume that whoever them put there did that for a reason so we’ll just come along and click these.

We’ll leave sitemaps in place, webformmailer, welcome, wp-activate, blog-header, comments, config-sample, config, con, links, load, login, mail, settings, signup, trackback and xmlrpc, select move again and we’ll move those into our old and say okay to that.

This file here, we’re going to delete. It doesn’t have a name and it has some weird stuff in it so we’re going to delete it. Otherwise we’ve just got files here that couldn’t have anything to do with our hacked site.

Now if we go and take a look at our site, of course, it’s going to be non existent because it doesn’t exist, right? WordPress is no longer there anymore.

While we’re here, we are also going to go back to our database and select all of these tables by hitting check all and then with selected we’re going to say drop. This is essentially deleting the contents of the database without actually deleting the database which is what we want to do. We want to say yes to that.

Now if we look at this, go to databases, so we’ve got this database and it says no tables are found in the database. For whatever reason it goes weird on me when I fill up the page with it. I’m not sure why that is, okay so now we have a blank database.

Next up we are going to manually reinstall WordPress.

0 Comments… add one
0 comments… add one

Leave a Comment