After a WordPress website has been exploited, it’s common for backdoors to be left so that hackers can easily gain access to your website again. A common way to do this is to place compromised code directly into the WordPress core files (eg, the index.php or one of the other standard files). While the original cause may have been fixed, these potential backdoors mean your site could be compromised again at any stage.
This article will step you through the process of checking the WordPress integrity for the core files and correct if required.
- Login to the Conetix Control Panel or direct via Plesk (for VPS customers).
- Select the domain you wish to check the integrity for.
- Select the WordPress Toolkit for the domain:
- In the bottom bar, select “Check WordPress Integrity“:
- This will open a wizard. Select “Verify Checksums“:
- This will then verify the core WordPress files against the master files from wordpress.org.
- If there are issues found, you may see:
(the files listed may vary)
- If you have double checked you have a backup and there are files to correct, you can select “Reinstall WordPress Core“:
- This will re-download the WordPress Core and reinstall the files:
- If this completed without errors, you should then see a final confirmation:
- If you see an error, please read through the full details to confirm details such as the correct file permissions before retrying.