WordPress is a popular CMS around the world, so it may become a stepping stone for spamming or be tampered with.
There are various reasons such as not updating WordPress, not updating plug-ins, weak passwords, etc. We will briefly introduce countermeasures when the site becomes a stepping stone for spam .
Check for malware infection
If WordPress code is tampered with hacker and embedded with malware, your site can be damaged by remote operations such as sending spam, redirecting to other sites, and embedding banners.
You can check Sucuri SiteCheck for malware infection.
Or you can use the malware scan plugin
WordPress Doctor Malware Scan & Security Plug-in
Make a backup of the site
If your site is infected, first back up both WordPress files and the database.
A backup of the entire site file can be downloaded by FTP software, and a backup of the database can be taken with phpMyadmin.
Clean installation of WordPress and plug-ins
Download WordPress itself from the official website and replace everything except the wp-content folder on the infected site.
Also, download all the installed plugins on site again and put them in the wp-content / plugin folder above.
Scan themes and upload folder tampering
Now the only folders that may be infected are the theme folder and the upload folder.
First of all, the theme is tampered with. The most reliable way to detect this is to download the current theme again and detect the difference from the theme file on the infected site.
In addition, the upload folder visually checks everything except images and pdf files, and deletes any strange files.
Upload to server again
Finally, let’s migrate the cleaned WordPress to the server again