How to Clean a Hacked WordPress Site

<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, viewport-fit=cover" /> <meta name='robots' content='index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1' />  <title>How to Clean a Hacked WordPress Site | Sucuri</title> <meta name="description" content="Key Takeaways on how to fix a hacked WordPress site and remove malware. Clean and prevent hacks to secure WordPress. Learn about website security with this free webinar." /> <link rel="canonical" href="https://sucuri.net/webinars/how-to-clean-hacked-wordpress-site/" /> <meta property="og:locale" content="en_US" /> <meta property="og:type" content="article" /> <meta property="og:title" content="How to Clean a Hacked WordPress Site" /> <meta property="og:description" content="Key Takeaways on how to fix a hacked WordPress site and remove malware. Clean and prevent hacks to secure WordPress. Learn about website security with this free webinar." /> <meta property="og:url" content="https://sucuri.net/webinars/how-to-clean-hacked-wordpress-site/" /> <meta property="og:site_name" content="Sucuri" /> <meta property="article:publisher" content="https://www.facebook.com/SucuriSecurity" /> <meta property="article:modified_time" content="2023-03-01T00:32:52+00:00" /> <meta property="og:image" content="https://sucuri.net/wp-content/uploads/2019/07/16-sucuri-how-to-clean-a-hacked-wordpress-site-og.png" /> <meta property="og:image:width" content="1200" /> <meta property="og:image:height" content="1200" /> <meta property="og:image:type" content="image/png" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:site" content="@sucurisecurity" /> <meta name="twitter:label1" content="Est. reading time" /> <meta name="twitter:data1" content="31 minutes" />  <link rel='dns-prefetch' href='//cdn.jsdelivr.net' /> <link rel="alternate" type="application/rss+xml" title="Sucuri » Feed" href="https://sucuri.net/feed/" /> <link rel="alternate" type="application/rss+xml" title="Sucuri » Comments Feed" href="https://sucuri.net/comments/feed/" /> <script type="text/javascript"> /* <![CDATA[ */ window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/sucuri.net\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.6.2"}}; /*! This file is auto-generated */ !function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\u2b1b","\ud83d\udc26\u200b\u2b1b")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings); /* ]]> */ </script> <style id='wp-emoji-styles-inline-css' type='text/css'> img.wp-smiley, img.emoji { display: inline !important; border: none !important; box-shadow: none !important; height: 1em !important; width: 1em !important; margin: 0 0.07em !important; vertical-align: -0.1em !important; background: none !important; padding: 0 !important; } </style> <link rel='stylesheet' id='wp-block-library-css' href='https://sucuri.net/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-components-css' href='https://sucuri.net/wp-includes/css/dist/components/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-preferences-css' href='https://sucuri.net/wp-includes/css/dist/preferences/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-block-editor-css' href='https://sucuri.net/wp-includes/css/dist/block-editor/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-reusable-blocks-css' href='https://sucuri.net/wp-includes/css/dist/reusable-blocks/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-patterns-css' href='https://sucuri.net/wp-includes/css/dist/patterns/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='wp-editor-css' href='https://sucuri.net/wp-includes/css/dist/editor/style.min.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='sucuri_framework-cgb-style-css-css' href='https://sucuri.net/wp-content/mu-plugins/sucuri-framework/dist/blocks.style.build.css?ver=1645707241' type='text/css' media='all' /> <style id='classic-theme-styles-inline-css' type='text/css'> /*! This file is auto-generated */ .wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none} </style> <style id='global-styles-inline-css' type='text/css'> :root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #fff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--color--green: #12A94B;--wp--preset--color--secondary-green: #41BA6E;--wp--preset--color--tertiary-green: #94D8AD;--wp--preset--color--blue: #2188AB;--wp--preset--color--secondary-blue: #6EB1C8;--wp--preset--color--tertiary-blue: #9AC9D8;--wp--preset--color--teal: #2D7A6D;--wp--preset--color--secondary-teal: #76A8A0;--wp--preset--color--tertiary-teal: A0C3BD;--wp--preset--color--darkblue: #0E406A;--wp--preset--color--secondary-darkblue: #61829D;--wp--preset--color--tertiary-dark-blue: #91A8BB;--wp--preset--color--red: #EA3232;--wp--preset--color--secondary-red: #F17070;--wp--preset--color--tertiary-red: #F5A2A2;--wp--preset--color--yellow: #F6DA23;--wp--preset--color--secondary-yellow: #F9E66F;--wp--preset--color--tertiary-yellow: #FAEE9B;--wp--preset--color--gray: #5D5D5D;--wp--preset--color--secondary-gray: #959595;--wp--preset--color--tertiary-gray: #B5B5B5;--wp--preset--color--form-gray: #D3D3D3;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}:where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;} :where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;} :where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;} :root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;} </style> <link rel='stylesheet' id='slick-css-css' href='https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='sucuriwp-style-css' href='https://sucuri.net/wp-content/themes/sucuriwp/style.css?ver=6.6.2' type='text/css' media='all' /> <link rel='stylesheet' id='sucuriwp-theme-2-css' href='https://sucuri.net/wp-content/themes/sucuriwp/css/legacy-2.min.css?ver=1644996114' type='text/css' media='all' /> <link rel='stylesheet' id='sucuriwp-theme-css' href='https://sucuri.net/wp-content/themes/sucuriwp/css/style.css?ver=1731466407' type='text/css' media='all' /> <link rel='stylesheet' id='elementor-frontend-css' href='https://sucuri.net/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1731961065' type='text/css' media='all' /> <link rel='stylesheet' id='widget-image-css' href='https://sucuri.net/wp-content/plugins/elementor/assets/css/widget-image.min.css?ver=3.25.4' type='text/css' media='all' /> <link rel='stylesheet' id='widget-nav-menu-css' href='https://sucuri.net/wp-content/uploads/elementor/css/custom-pro-widget-nav-menu.min.css?ver=1731961065' type='text/css' media='all' /> <link rel='stylesheet' id='swiper-css' href='https://sucuri.net/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6' type='text/css' media='all' /> <link rel='stylesheet' id='e-swiper-css' href='https://sucuri.net/wp-content/plugins/elementor/assets/css/conditionals/e-swiper.min.css?ver=3.25.4' type='text/css' media='all' /> <link rel='stylesheet' id='elementor-post-8778-css' href='https://sucuri.net/wp-content/uploads/elementor/css/post-8778.css?ver=1731961065' type='text/css' media='all' /> <link rel='stylesheet' id='e-popup-style-css' href='https://sucuri.net/wp-content/plugins/elementor-pro/assets/css/conditionals/popup.min.css?ver=3.25.2' type='text/css' media='all' /> <link rel='stylesheet' id='elementor-post-10522-css' href='https://sucuri.net/wp-content/uploads/elementor/css/post-10522.css?ver=1731961666' type='text/css' media='all' /> <link rel='stylesheet' id='elementor-post-10539-css' href='https://sucuri.net/wp-content/uploads/elementor/css/post-10539.css?ver=1731961065' type='text/css' media='all' /> <link rel='stylesheet' id='google-fonts-1-css' href='https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CTitillium+Web%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.2' type='text/css' media='all' /> <link rel="preconnect" href="https://fonts.gstatic.com/" crossorigin><script type="text/javascript" src="https://sucuri.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></script> <link rel="https://api.w.org/" href="https://sucuri.net/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://sucuri.net/wp-json/wp/v2/webinars/1677" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://sucuri.net/xmlrpc.php?rsd" /> <link rel='shortlink' href='https://sucuri.net/?p=1677' /> <link rel="alternate" title="oEmbed (JSON)" type="application/json+oembed" href="https://sucuri.net/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fsucuri.net%2Fwebinars%2Fhow-to-clean-hacked-wordpress-site%2F" /> <link rel="alternate" title="oEmbed (XML)" type="text/xml+oembed" href="https://sucuri.net/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fsucuri.net%2Fwebinars%2Fhow-to-clean-hacked-wordpress-site%2F&format=xml" /> <script type='text/javascript'>/*<![CDATA[*/(function(n,d,c){d.setTime(d.getTime()+2592000000);c=(new RegExp('[?&]'+n+'=([^&#]*)','i')).exec(window.location.search);if(c=c?c[1]:null)document.cookie=n+'='+c+';expires='+d.toUTCString()+';domain=.sucuri.net;path=/';})('cjevent',new Date());/*]]>*/</script><script src="https://tags.tiqcdn.com/utag/gpl/sucuri/prod/utag.sync.js"></script><meta name="generator" content="performance-lab 3.5.1; plugins: "> <meta name="generator" content="Elementor 3.25.4; features: e_font_icon_svg, additional_custom_breakpoints, e_optimized_control_loading; settings: css_print_method-external, google_font-enabled, font_display-swap"> <style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style> <style> .e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload), .e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload) * { background-image: none !important; } @media screen and (max-height: 1024px) { .e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload), .e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload) * { background-image: none !important; } } @media screen and (max-height: 640px) { .e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload), .e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload) * { background-image: none !important; } } </style> <link rel="icon" href="https://sucuri.net/wp-content/uploads/2022/02/cropped-Sucuri_FavIcon_512x512-1-32x32.png" sizes="32x32" /> <link rel="icon" href="https://sucuri.net/wp-content/uploads/2022/02/cropped-Sucuri_FavIcon_512x512-1-192x192.png" sizes="192x192" /> <link rel="apple-touch-icon" href="https://sucuri.net/wp-content/uploads/2022/02/cropped-Sucuri_FavIcon_512x512-1-180x180.png" /> <meta name="msapplication-TileImage" content="https://sucuri.net/wp-content/uploads/2022/02/cropped-Sucuri_FavIcon_512x512-1-270x270.png" /> <style type="text/css" id="wp-custom-css"> a{ color: #028673; } .sucuri-widget-hero-internal-revamp-section.parent .wrapper{ justify-content: flex-end; } p.priceText.spacerContentNeg { padding-top: 0px; } .btn-primary{ color: #fff; background-color: #028673; border-color: #028673; } .hero-nav{ z-index: 99 !important; } .cookie-policy-banner p { color: #028673 !important; } #no-underline p a{ text-decoration: none !important; } body, a:visited, p, select, textarea{ font-size: 16px; } .elementor-widget-text-editor ol, .elementor-widget-text-editor ul { margin-left: 0; padding-left: revert; } footer li a:hover{ color: #26ba9e !important; } .elementor-widget-text-editor .elementor-widget-container h1{ font-weight: 700 !important; font-size: 50px !important; line-height: 50px !important; margin-bottom: 50px !important; font-family: "Titillium Web", Sans-serif; } .elementor-widget-text-editor .elementor-widget-container h2{ font-weight: 700 !important; font-size: 25px !important; line-height: 25px !important; margin-bottom: 25px !important; } .elementor-widget-text-editor .elementor-widget-container h3{ font-weight: 700 !important; font-size: 23px !important; line-height: 24px !important; margin-bottom: 25px !important; } .elementor-widget-text-editor .elementor-widget-container h4{ font-weight: 700; font-size: 20px !important; line-height: 23px !important; margin-bottom: 25px !important; } .elementor-widget-text-editor .elementor-widget-container h5{ font-weight: 700 !important; font-size: 18px !important; line-height: 23px !important; margin-bottom: 25px !important; } .elementor-widget-text-editor .elementor-widget-container h6{ font-weight: 700 !important; font-size: 16px !important; line-height: 23px !important; margin-bottom: 25px !important; } .guides-template-default.single.single-guides .elementor-widget-container h1{ font-weight: 700 !important; font-size: 64px !important; line-height: 64px !important; margin-bottom: 100px !important; font-family: "Titillium Web", Sans-serif; } .guides-template-default.single.single-guides .elementor-widget-container h2{ font-weight: 700 !important; font-size: 50px !important; line-height: 1 !important; margin-top: 50px !important; margin-bottom: 15px !important; font-family: "Titillium Web", Sans-serif; } .guides-template-default.single.single-guides .archive .elementor-widget-container h2{ margin-bottom: 25px !important; } .guides-template-default.single.single-guides .elementor-widget-container h3{ font-weight: 600 !important; font-size: 25px !important; line-height: 25px !important; margin-top: 30px !important; margin-bottom: 10px !important; } .guides-template-default.single.single-guides .elementor-widget-container h4{ font-weight: 500; font-size: 20px; line-height: 24px; margin-top: 25px; } .guides-template-default.single.single-guides .elementor-widget-container h5{ font-weight: 500 !important; font-size: 18px !important; line-height: 23px !important; margin-top: 20px !important; } .guides-template-default.single.single-guides .elementor-widget-container h6{ font-weight: 500 !important; font-size: 16px !important; line-height: 23px !important; margin-top: 15px !important; } .header-b .top-nav-wrapper .nav-bar.ua-lg .u-attack { background-color: #028673; } /*custom css*/ /*hero nav in double line when screen is small*/ .hero-nav__list{ flex-wrap: nowrap } .sucuri-widget-sub-nav.fixed{ top:90px !important; } .responsive-table{ overflow-x: auto; } .table_breakdown{ width: unset; min-width: 1080px; } .home .hero-nav{ top: 90px !important; } .sucuri-widget-table-content .linkContainer{ height: auto !important; } /* .guides-template-default.single.single-guides h1{ font-family: "Titillium Web" !important; font-size: 64px !important; font-weight: 700; margin-bottom: 100px !important; } .guides-template-default.single.single-guides h2{ font-family: "Titillium Web" !important; font-weight: 700 !important; font-size: 25px !important; line-height: 25px !important; margin-bottom: 25px !important; } .guides-template-default.single.single-guides h3{ font-family: "Open Sans" !important; font-weight: 700 !important; font-size: 23px !important; line-height: 24px !important; margin-bottom: 25px !important; } .guides-template-default.single.single-guides h4{ font-family: "Open Sans" !important; font-size: 22px !important; font-weight: 700 !important; margin-bottom: 30px !important; } .guides-template-default.single.single-guides h5{ font-family: "Open Sans" !important; font-size: 21px !important; font-weight: 700 !important; margin-bottom: 20px !important; } .guides-template-default.single.single-guides h6{ font-family: "Open Sans" !important; font-size: 18px !important; font-weight: 400 !important; margin-bottom: 20px !important; } */ .hero-nav__list { padding-left: 10px; } @media (min-width: 1200px){ .v2-subnav { height: auto; } } .v2-subnav { height: auto !important; } .sucuri-widget-sub-nav.fixed{ z-index: 1 !important; } .sucuri-widget-sub-nav ul li a{ font-size: 12px; } .sucuri-widget-card-plans .card-plans-container .card-plans-list #card-plans-list-single.background-important .card-plans-single .absolute-footer .card-sub-button p a{ color: #fff; } .sucuri-widget-brands-banner .sucuri-widget-brands-banner-internal .imgContainer.fiveRow{ padding-left:20px; padding-right:20px; } .sucuri-widget-faq-content h2{ font-weight: 700 !important; } /* chat bubble colors */ .chat-widget-wrapper .phone-banner { background-color: #26ba9e; } .chat-widget-wrapper .chat-widget-container { background-color: #028673; } .chat-widget-wrapper .chat-widget-container .chat-widget-avatar { background-color: #26ba9e; border: 4px solid #26ba9e; } /* footer custom css */ @media (min-width: 1400px) { footer .container { max-width: 1140px; padding: 0; } } .footer-b hr { width: 97%; display: block; margin: 0 auto; margin-top: 3rem; margin-bottom: 1rem; } /* custom css for hero nav menu list */ @media(min-width: 992px){ .header-b .top-nav-wrapper .nav-bar.pro-sol{ margin-left: 3rem; } } @media(min-width: 1400px){ .hero-nav__list{ max-width: 1300px; } .sucuri-widget-sub-nav ul{ max-width: 1300px; } } @media(min-width: 1920px){ .hero-nav__list{ max-width: 1140px; } .sucuri-widget-sub-nav ul{ max-width: 1300px !important; } } .v2-subnav .hero-nav__item a{ padding-left: 5px; padding-right: 10px; font-size: 10px; font-weight: 400; } .sucuri-widget-sub-nav ul li a{ font-weight: 400; font-size: 10px !important; padding-right:30px; } @media(min-width: 992px){ .v2-subnav .hero-nav__item a{ padding-left: 20px; } } @media(min-width: 1440px){ .v2-subnav .hero-nav__item a{ padding-left: 20px; padding-right: 20px; font-size: 12px; } .sucuri-widget-sub-nav ul li a{ font-size: 12px !important; } } @media(min-width: 1920px){ .v2-subnav .hero-nav__item a{ padding-left: 0px; } .sucuri-widget-sub-nav ul li a{ padding-left: 0 !important; } } /* custom css for nav content */ .elementor-widget.elementor-widget-text-editor a{ text-decoration: none !important; } .elementor-widget.elementor-widget-text-editor h4{ font-weight: 700; } .sucuri-widget-nav-content ul li a{ padding: 20px 12px !important; font-size: 14px; } /* cards */ .archive.post-type-archive .elementor-post__card .elementor-post__title{ font-size: 20px !important; } .archive.post-type-archive .elementor-post__card .elementor-post__title{ margin-top: 0px !important; } .archive.post-type-archive .elementor-post__card .elementor-post__title a{ font-size: 20px !important; line-height: 1.4 !important; } /* FAQ CONTENT */ .sucuri-widget-faq-content .faq-content-single p span{ display:block; padding-left:20px; } .sucuri-widget-faq-content .faq-content-single p span:first-child{ padding-top:10px } .sucuri-widget-faq-content .faq-content-single > ul > li input[type=checkbox]{ height: auto !important; } .sucuri-widget-faq-content .faq-content-single h4{ font-size: 18px !important; margin-top: 0px !important; margin-bottom: 0px !important; font-weight: 700 !important; } pre code{ padding: 0px; } article.post{ box-shadow: 0 0 10px 0 rgba(0,0,0,.15); border-radius: 8px; overflow: hidden; } article.post .post-content{ padding: 20px; } article.post .post-content .post-title{ color: #028673; font-family: "Titillium Web", Sans-serif; font-size: 20px; font-weight: 700; } .container-grid-layout{ display: flex; grid-template-columns: repeat(3, 1fr); grid-template-rows: repeat(auto-fit, minmax(200px, 1fr)); grid-auto-rows: 200px; grid-auto-flow: row dense; grid-gap: 14px; /* padding: 10px; */ box-sizing: border-box; padding-right: 15px; grid-template-rows: 160px 170px 0px; flex-direction: column; } .container-grid-layout .frame-1x1{ grid-column: span 1; grid-row: span 1; } .container-grid-layout .frame-1x2{ grid-column: span 1; grid-row: span 2; } .container-grid-layout .frame-2x1 { grid-column: span 2; grid-row: span 2; } @media(min-width: 768px){ .container-grid-layout{ display: grid; grid-template-columns: repeat(3, 1fr); grid-template-rows: repeat(auto-fit, minmax(200px, 1fr)); grid-auto-rows:200px; grid-auto-flow:row dense; grid-gap: 14px; /* padding: 10px; */ box-sizing:border-box; padding-right: 15px; grid-template-rows: 107px 113px 0px; flex-direction: column; } } @media(min-width: 992px){ .container-grid-layout{ grid-template-rows: 145px 145px 0px; } } @media(min-width: 1440px){ .container-grid-layout{ grid-template-rows: 160px 170px 0px; } } .container-grid-third{ display: flex; grid-template-columns: 1fr; place-items: start; padding: 0px; padding-right: 10px; grid-template-columns: 1fr 1fr 1fr; grid-gap: 8px; margin-bottom: 10px; flex-direction: column; flex-wrap: nowrap; align-content: center; } .container-grid-third .post{ width: calc(100% - 5px); position: relative; height: 0; width: calc(100% - 5px); position: relative; background-repeat: no-repeat; background-position: 50% 50%; background-size: cover; display: flex; flex-direction: column; justify-content: space-between; } .container-grid-third .frame-1x1{ padding-bottom: calc(48% - 5px); grid-row: span 2 / auto; } .container-grid-third .frame-1x2{ padding-bottom: calc(130% - 5px); grid-row: span 3 / auto; } @media(min-width: 768px){ .container-grid-third{ display: grid; grid-template-columns: 1fr; place-items: start; padding: 0px; padding-right: 10px; grid-template-columns: 1fr 1fr 1fr; grid-gap: 8px; margin-bottom: 10px; } .container-grid-third .frame-1x1{ padding-bottom: calc(48% - 5px); } .container-grid-third .frame-1x2{ padding-bottom: calc(250% - 5px); } } @media(min-width: 992px){ .container-grid-third .frame-1x2{ padding-bottom: calc(165% - 5px); } } @media(min-width: 1440px){ .container-grid-third .frame-1x2{ padding-bottom: calc(135% - 5px); } } .shortcodes-custom-container .box{ display: none; } .container-ad{ box-shadow: 0 0 10px 0 rgba(0,0,0,.15); border-radius: 8px; grid-column: span 1; grid-row: span 2; display: flex; flex-direction: column; flex-wrap: nowrap; align-items: center; justify-content: center; background-image: url('https://sucuri.net/wp-content/uploads/2023/07/23-sucuri-content-hub-we-are-here-to-help-bg.png'); background-position: center; background-repeat: no-repeat; background-size: cover; } .container-ad p{ margin-bottom: 0px !important; } .container-ad h2{ margin-top: 0px !important; font-family: "Titillium Web"; font-size: 50px; line-height: 1.2; } .container-ad h2, .container-ad p, .container-ad .link{ text-align: center; color: white; font-weight: 700; } .container-ad .btn{ background: #028673; color: white; margin: 0px 0 20px 0; } .elementor-widget-text-editor strong span { text-decoration: none !important; } select#post-filter-select { padding: 5px 10px; border: 1px solid #F0F1F2; box-shadow: 0 0 10px 0 rgba(0,0,0,.15); min-width: 180px; margin-right: 40px; border-radius: 7px; border-right: 10px solid transparent; } .custom-post-filter a{ background-color: #4F6CB5; color: white; padding: 7.5px 25px; border-radius: 7px; font-size: 16px; font-weight: 500; } .container-grid-third.second-option .frame-1x1{ padding-bottom: calc(82% - 5px); } /* faq section */ .sucuri-widget-faq-content .faq-content-single h4{ margin-top: 0px !important; } .sucuri-widget-faq-content-advanced .faq-content-single h4{ margin-top: 0px !important; } .sucuri-widget-faq-content-advanced .faq-content-single > ul > li input[type=checkbox]:checked ~ h4{ margin-top: 0px !important; } .sucuri-widget-faq-content h2{ margin-bottom: 50px !important; } .sucuri-widget-faq-content-advanced h4{ font-size: 25px; } /* table sign up */ .sucuri-widget-new-card-plans .sucuri-widget-platform-static-cards-widget .dropdown-content-table ul li:nth-child(2n+1) table tbody tr td svg{ max-width: 20px; } svg.e-font-icon-svg.e-fas-check-circle{ fill: #028673; } svg.e-font-icon-svg.e-fas-circle { fill: #f2f5f5; } .sucuri-widget-new-card-plans .sucuri-widget-platform-static-cards-widget .dropdown-content-table .table_breakdown tbody tr td:not(:first-child) svg{ max-width: 20px } .sucuri-widget-platform-static .dropdown-content-table .table_breakdown tbody tr td:not(:first-child) svg{ max-width: 20px } .sucuri-widget-platform-dropdown .platform-dropdown-single .dropdown-content-table .table_breakdown tbody tr td:not(:first-child) svg{ max-width: 20px } /* end table sign up */ .sucuri-widget-sub-nav.fixed{ z-index: 98 !important; } .sucuri-widget-hero-revamp-section.parent .wrapper .div2 img{ max-width: 480px; } .sucuri-widget-hero-revamp-section.parent .wrapper .div2{ margin: 0 auto; } @media(min-width: 1440px){ .sucuri-table-plans-security-three-revamp .sucuri-widget-platform-static-cards-widget .dropdown-content-table .shadow { position: absolute; top: 7px; width: 1044px; right: 20px; } } @keyframes marquee { 0% { transform: translateX(0); } 100% { transform: translateX(-50%); } } .marquee { overflow: hidden; background-color: #00BB9F; height: 31px; display: flex; align-items: center; position: relative; } .marquee-content { display: flex; width: max-content; animation: marquee 50s linear infinite; } .marquee-content div { white-space: nowrap; display: flex; align-items: center; margin-right: 20px; /* Extra Styling */ font-size: 17px; font-family: 'Titilium Web', Helvetica, Arial, sans-serif; font-weight: 500; color: #02141B; } .marquee-content div span { font-weight: 700; margin:0 4px; } </style> </head> <body class="webinars-template webinars-template-page-legacy-2 webinars-template-page-legacy-2-php single single-webinars postid-1677 single-format-standard wp-custom-logo elementor-default elementor-kit-8778"> <script type="text/javascript">(function(a,b,c,d){a='//tags.tiqcdn.com/utag/gpl/sucuri/prod/utag.js';b=document;c='script';d=b.createElement(c);d.src=a;d.type='text/java'+c;d.async=true;a=b.getElementsByTagName(c)[0];a.parentNode.insertBefore(d,a)})();</script> <div data-elementor-type="header" data-elementor-id="10522" class="elementor elementor-10522 elementor-location-header" data-elementor-post-type="elementor_library"> <section class="elementor-section elementor-top-section elementor-element elementor-element-e6284d1 elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="e6284d1" data-element_type="section" data-settings="{"sticky":"top","sticky_on":["desktop","tablet_extra","tablet","mobile"],"sticky_offset":0,"sticky_effects_offset":0,"sticky_anchor_link_offset":0}"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-49d7753" data-id="49d7753" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-d46c653 elementor-widget elementor-widget-html" data-id="d46c653" data-element_type="widget" data-widget_type="html.default"> <div class="elementor-widget-container"> <a href="https://sucuri.net/live-chat/"> <div class="marquee"> <div class="marquee-content"> <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div> <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div>  <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div> <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div> <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div> <div>Get <span>15%</span>, <span>20%</span> or <span>30%</span> on your first year, discount on our plans just for black friday, chat now and stay safe</div> <div> <img src="https://sucuri.net/wp-content/uploads/2024/11/Offer.svg" alt="Offer"> </div> </div> </div> </a> </div> </div> </div> </div> </div> </section> <section class="elementor-section elementor-top-section elementor-element elementor-element-5dd7eb5 elementor-section-height-min-height elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-items-middle" data-id="5dd7eb5" data-element_type="section" id="header-container" data-settings="{"background_background":"classic","sticky":"top","sticky_on":["desktop","tablet_extra","tablet","mobile"],"sticky_offset":0,"sticky_effects_offset":0,"sticky_anchor_link_offset":0}"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-ff5a8e8" data-id="ff5a8e8" data-element_type="column" id="menu-column-one"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-b873b2a elementor-widget elementor-widget-theme-site-logo elementor-widget-image" data-id="b873b2a" data-element_type="widget" data-widget_type="theme-site-logo.default"> <div class="elementor-widget-container"> <a href="https://sucuri.net"> <img src="https://sucuri.net/wp-content/uploads/elementor/thumbs/Sucuri-Logo-qio221wlg9vvaaewra0jqjt8rf04jyn1vtdestgfmi.png" title="Sucuri Logo" alt="Sucuri" loading="lazy" /> </a> </div> </div> </div> </div> <div class="elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-42d43ff" data-id="42d43ff" data-element_type="column" id="menu-column-two"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-c6a03bd elementor-nav-menu__align-start elementor-nav-menu__text-align-center elementor-nav-menu--stretch elementor-widget-tablet__width-initial elementor-nav-menu--dropdown-tablet_extra elementor-nav-menu--toggle elementor-nav-menu--burger elementor-widget elementor-widget-nav-menu" data-id="c6a03bd" data-element_type="widget" id="header-main-menu" data-settings="{"submenu_icon":{"value":"<svg class=\"fa-svg-chevron-down e-font-icon-svg e-fas-chevron-down\" viewBox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M207.029 381.476L12.686 187.132c-9.373-9.373-9.373-24.569 0-33.941l22.667-22.667c9.357-9.357 24.522-9.375 33.901-.04L224 284.505l154.745-154.021c9.379-9.335 24.544-9.317 33.901.04l22.667 22.667c9.373 9.373 9.373 24.569 0 33.941L240.971 381.476c-9.373 9.372-24.569 9.372-33.942 0z\"><\/path><\/svg>","library":"fa-solid"},"full_width":"stretch","layout":"horizontal","toggle":"burger"}" data-widget_type="nav-menu.default"> <div class="elementor-widget-container"> <nav aria-label="Menu" class="elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-horizontal e--pointer-none"> <ul id="menu-1-c6a03bd" class="elementor-nav-menu"><li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10468"><a href="https://sucuri.net/website-security/" class="elementor-item">Products</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10591"><a href="https://sucuri.net/website-security-platform/" class="elementor-sub-item">Website Security Platform</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10473"><a href="https://sucuri.net/website-firewall/" class="elementor-sub-item">Website Firewall</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10474"><a href="https://sucuri.net/custom/agency/" class="elementor-sub-item">Agency Plans</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10589"><a href="https://sucuri.net/custom/enterprise/" class="elementor-sub-item">Custom & Enterprise Plans</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10590"><a href="https://sucuri.net/partners/" class="elementor-sub-item">Partnerships</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10764"><a href="https://sucuri.net/developers/" class="elementor-sub-item">Junior Dev</a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10530"><a href="#" class="elementor-item elementor-item-anchor">Features</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10592"><a href="https://sucuri.net/malware-detection-scanning/" class="elementor-sub-item">Detection<small>Website Monitoring & Alerts</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10593"><a href="https://sucuri.net/intrusion-detection-system/" class="elementor-sub-item">Protection<small>Future Website Hacks</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10594"><a href="https://sucuri.net/website-performance/" class="elementor-sub-item">Performance<small>Speed Up Your Website</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10595"><a href="https://sucuri.net/website-malware-removal/" class="elementor-sub-item">Response<small>Help For Hacked Websites</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10596"><a href="https://sucuri.net/website-backups/" class="elementor-sub-item">Backups<small>Disaster Recovery Plan</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10597"><a href="https://sucuri.net/ecommerce-website-security/" class="elementor-sub-item">Ecommerce<small>Security For Online Stores</small></a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10531"><a href="#" class="elementor-item elementor-item-anchor">Resources</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10598"><a href="https://sucuri.net/guides/" class="elementor-sub-item">Guides</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10599"><a href="https://sucuri.net/webinars/" class="elementor-sub-item">Webinars</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10600"><a href="https://sucuri.net/infographics/" class="elementor-sub-item">Infographics</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10601"><a href="https://blog.sucuri.net/" class="elementor-sub-item">Blog</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10602"><a href="https://sitecheck.sucuri.net/" class="elementor-sub-item">SiteCheck</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10603"><a href="https://sucuri.net/reports/" class="elementor-sub-item">Reports</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10604"><a href="https://sucuri.net/email-courses/" class="elementor-sub-item">Email Courses</a></li> <li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-11216"><a href="https://sucuri.net/ebooks/" class="elementor-sub-item">Ebooks</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10605"><a href="https://sucuri.net/technical-hub/" class="elementor-sub-item">Technical Hub</a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10532"><a href="https://sucuri.net/website-security-platform/signup/" class="elementor-item">Pricing</a></li> </ul> </nav> <div class="elementor-menu-toggle" role="button" tabindex="0" aria-label="Menu Toggle" aria-expanded="false"> <svg aria-hidden="true" role="presentation" class="elementor-menu-toggle__icon--open e-font-icon-svg e-eicon-menu-bar" viewBox="0 0 1000 1000" xmlns="http://www.w3.org/2000/svg"><path d="M104 333H896C929 333 958 304 958 271S929 208 896 208H104C71 208 42 237 42 271S71 333 104 333ZM104 583H896C929 583 958 554 958 521S929 458 896 458H104C71 458 42 487 42 521S71 583 104 583ZM104 833H896C929 833 958 804 958 771S929 708 896 708H104C71 708 42 737 42 771S71 833 104 833Z"></path></svg><svg aria-hidden="true" role="presentation" class="elementor-menu-toggle__icon--close e-font-icon-svg e-eicon-close" viewBox="0 0 1000 1000" xmlns="http://www.w3.org/2000/svg"><path d="M742 167L500 408 258 167C246 154 233 150 217 150 196 150 179 158 167 167 154 179 150 196 150 212 150 229 154 242 171 254L408 500 167 742C138 771 138 800 167 829 196 858 225 858 254 829L496 587 738 829C750 842 767 846 783 846 800 846 817 842 829 829 842 817 846 804 846 783 846 767 842 750 829 737L588 500 833 258C863 229 863 200 833 171 804 137 775 137 742 167Z"></path></svg> <span class="elementor-screen-only">Menu</span> </div> <nav class="elementor-nav-menu--dropdown elementor-nav-menu__container" aria-hidden="true"> <ul id="menu-2-c6a03bd" class="elementor-nav-menu"><li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10468"><a href="https://sucuri.net/website-security/" class="elementor-item" tabindex="-1">Products</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10591"><a href="https://sucuri.net/website-security-platform/" class="elementor-sub-item" tabindex="-1">Website Security Platform</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10473"><a href="https://sucuri.net/website-firewall/" class="elementor-sub-item" tabindex="-1">Website Firewall</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10474"><a href="https://sucuri.net/custom/agency/" class="elementor-sub-item" tabindex="-1">Agency Plans</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10589"><a href="https://sucuri.net/custom/enterprise/" class="elementor-sub-item" tabindex="-1">Custom & Enterprise Plans</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10590"><a href="https://sucuri.net/partners/" class="elementor-sub-item" tabindex="-1">Partnerships</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10764"><a href="https://sucuri.net/developers/" class="elementor-sub-item" tabindex="-1">Junior Dev</a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10530"><a href="#" class="elementor-item elementor-item-anchor" tabindex="-1">Features</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10592"><a href="https://sucuri.net/malware-detection-scanning/" class="elementor-sub-item" tabindex="-1">Detection<small>Website Monitoring & Alerts</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10593"><a href="https://sucuri.net/intrusion-detection-system/" class="elementor-sub-item" tabindex="-1">Protection<small>Future Website Hacks</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10594"><a href="https://sucuri.net/website-performance/" class="elementor-sub-item" tabindex="-1">Performance<small>Speed Up Your Website</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10595"><a href="https://sucuri.net/website-malware-removal/" class="elementor-sub-item" tabindex="-1">Response<small>Help For Hacked Websites</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10596"><a href="https://sucuri.net/website-backups/" class="elementor-sub-item" tabindex="-1">Backups<small>Disaster Recovery Plan</small></a></li> <li class="double-line menu-item menu-item-type-custom menu-item-object-custom menu-item-10597"><a href="https://sucuri.net/ecommerce-website-security/" class="elementor-sub-item" tabindex="-1">Ecommerce<small>Security For Online Stores</small></a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-has-children menu-item-10531"><a href="#" class="elementor-item elementor-item-anchor" tabindex="-1">Resources</a> <ul class="sub-menu elementor-nav-menu--dropdown"> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10598"><a href="https://sucuri.net/guides/" class="elementor-sub-item" tabindex="-1">Guides</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10599"><a href="https://sucuri.net/webinars/" class="elementor-sub-item" tabindex="-1">Webinars</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10600"><a href="https://sucuri.net/infographics/" class="elementor-sub-item" tabindex="-1">Infographics</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10601"><a href="https://blog.sucuri.net/" class="elementor-sub-item" tabindex="-1">Blog</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10602"><a href="https://sitecheck.sucuri.net/" class="elementor-sub-item" tabindex="-1">SiteCheck</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10603"><a href="https://sucuri.net/reports/" class="elementor-sub-item" tabindex="-1">Reports</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10604"><a href="https://sucuri.net/email-courses/" class="elementor-sub-item" tabindex="-1">Email Courses</a></li> <li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-11216"><a href="https://sucuri.net/ebooks/" class="elementor-sub-item" tabindex="-1">Ebooks</a></li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10605"><a href="https://sucuri.net/technical-hub/" class="elementor-sub-item" tabindex="-1">Technical Hub</a></li> </ul> </li> <li class="menu-item menu-item-type-custom menu-item-object-custom menu-item-10532"><a href="https://sucuri.net/website-security-platform/signup/" class="elementor-item" tabindex="-1">Pricing</a></li> </ul> </nav> </div> </div> </div> </div> <div class="elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-75d4b41 elementor-hidden-mobile" data-id="75d4b41" data-element_type="column" id="menu-column-three"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-aa77472 elementor-widget__width-initial elementor-widget-tablet__width-initial elementor-widget elementor-widget-html" data-id="aa77472" data-element_type="widget" data-widget_type="html.default"> <div class="elementor-widget-container"> <div class="float-right-next"> <div class="nav-bar ua-lg"> <ul class="nav"> <li> <a href="/website-security-platform/help-now/" class="mp-under-attack-button u-attack auto-track" data-gatrack="Button_Click, Top_Nav_Under_Attack">Immediate Help</a> </li> </ul> </div> <div class="nav-bar plt"> <div class="login"> <a href="https://dashboard.sucuri.net/login/" class="login mp-login-btn auto-track" data-gatrack="Button_Click, Top_Nav_Login">Login</a> <svg width="32" height="32" viewBox="0 0 32 32" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M16 17.667C18.7614 17.667 21 15.4284 21 12.667C21 9.90557 18.7614 7.66699 16 7.66699C13.2386 7.66699 11 9.90557 11 12.667C11 15.4284 13.2386 17.667 16 17.667Z" stroke="white" stroke-opacity="0.88" stroke-linecap="round" stroke-linejoin="round"/> <path d="M24.3333 24.3332C24.3333 20.6498 20.6016 17.6665 16 17.6665C11.3983 17.6665 7.66663 20.6498 7.66663 24.3332" stroke="white" stroke-opacity="0.88" stroke-linecap="round" stroke-linejoin="round"/> <path d="M26 1H6C3.23858 1 1 3.23858 1 6V26C1 28.7614 3.23858 31 6 31H26C28.7614 31 31 28.7614 31 26V6C31 3.23858 28.7614 1 26 1Z" stroke="#38B299" stroke-opacity="0.88" stroke-linecap="round" stroke-linejoin="round"/> </svg> <div class="login-drop-down inner-nav-bar"> <i class="pointer"></i> <div class="login-container"> <a href="https://dashboard.sucuri.net/login" class="login-btn" data-gatrack="Button_Click, Top_Nav_Login">Login</a> <div class="sign-up"> <p>New Customer? </p> <a href="/website-security-platform/signup/" style="padding: 0px">Sign up now.</a> </div> <ul> <li><a href="https://support.sucuri.net/support/?new" class="login-link">Submit a ticket</a></li> <li><a href="https://docs.sucuri.net/" class="login-link">Knowledge base</a></li> <li><a href="/live-chat/" class="login-link">Chat now</a></li> </ul> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </section> </div> <div class="wp-block-sucuri-framework-hero-webinars container hero webi-b pt-80 pb-80"><div class="row"><div class="c-lg-12 hero-content text-center"><div class="row"><div class="c-lg-12 h-lead"><h1 class="mb-30">How to Clean a Hacked WordPress Site</h1></div><div class="c-lg-8 vidwrp"><div class="vdcontr"><iframe title="How to Clean a Hacked WordPress Site" width="100%" height="360" src="https://www.youtube.com/embed/a6UwUU-3B3w?rel=0" frameborder="0" allowfullscreen></iframe></div><div class="icnavwrp"><ul class="icnav d-flex justify-content-between mt-30 pl-0"><li class="icnav-item"><a href="https://www.slideshare.net/SucuriSecurity/sucuri-webinar-how-to-clean-hacked-wordpress-sites" rel="noopener noreferrer" target="_blank" class="auto-track"><i class="icon slides"></i><p class="heavy">Slides</p></a></li><li class="icnav-item"><a href="#qas" class="auto-track"><i class="icon qas"></i><p class="heavy">Q&As</p></a></li><li class="icnav-item"><a href="#transcript" class="auto-track"><i class="icon transcript"></i><p class="heavy">Transcript</p></a></li><li class="icnav-item"><a href="#resources" class="auto-track"><i class="icon resources"></i><p class="heavy">Resources</p></a></li></ul></div></div><div class="c-lg-4 autinfwrp"><div class="row"><div class="c-lg-12 autavin text-left"><p class="small bold mt-0">Date aired: Sept 29, 2016</p><p>Learn how to identify issues if you suspect your WordPress site has been hacked. Follow Sucuri Remediation Team Lead, Ben Martin, through the steps needed to clean your WordPress site and minimize the attack time.</p></div></div></div></div></div></div></div> <div class="wp-block-sucuri-framework-container container-fluid" style="background-color:#f6fafc;background-image:url();padding-top:0;padding-bottom:0"> <div class="wp-block-sucuri-framework-row row"> <div class="wp-block-sucuri-framework-gridcolumns c-xxl-12 c-xl-12 c-lg-12 c-md-12 c-sm-12" style="background-color:#;background-image:"> <div class="wp-block-sucuri-framework-presenter-bio container presenter-info-wrpr"><div class="row d-flex align-items-center"><div class="c-lg-2 c-lg-offset-1 pvatar-wrpr"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2019/07/17-sucuri-library-webinar-profile-ben.png" alt="Ben Martin - Webinar Profile" class="img-fluid"/></div><div class="c-lg-8 pinfo-wrpr"><p class="bold">Ben Martin</p><p>Remediation Team Lead</p><p class="mb-0">Ben Martin is a Remediation Team Lead at Sucuri. He’s passionate about online security and privacy issues. He is also a music production geek and cat enthusiast.</p></div></div></div> </div> <div class="wp-block-sucuri-framework-gridcolumns c-xxl-12 c-xl-12 c-lg-12 c-md-12 c-sm-12" style="background-color:#;background-image:"> <p></p> </div> </div> </div> <div id="qas" class="wp-block-sucuri-framework-questions-and-answers container qa border-blg"><div class="row"><div class="lead w-100 text-center"><h2>Questions & Answers</h2></div><div id="qa-contt" class="c-lg-12 qa-contt expand"> <p>Question #1: “Is there a way to figure out how the hacker got in so we can patch the vulnerability?” For example, they can clean up all the plugins, but if the vulnerability is within a plugin that they’re using, they can always get back in even with a fresh copy.</p> <p>Answer: This is one of the most common questions that we get asked at Sucuri. People almost always want to know who hacked me, how did they hack me, when did it happen. These can be really difficult questions to answer, and sometimes it’s not even really worth answering, because the hack is done. It’s already happened, but you can look at your server logs.</p> <p>If you have any plugins on your website that have known vulnerabilities, then that’s a pretty strong indicator that’s probably what happened. But it can be really difficult to determine the source. I think it’s better to focus on just defense and death. Just taking every possible defensive measure, update all of your software. Just be really proactive about it, because it can take a really long time to do forensics work and try to figure out how they got in exactly.</p> <p>Server logs are probably your best friend when it comes to that, but you have to be cautious because that’s a rabbit hole that you may or may not want to go down. It goes pretty deep in sometimes, right? You can spend a lot of time trying to figure out exactly how they got in, and come up fruitless at the end of it.</p> <p>There are companies that do forensic services, too, but they’re pretty expensive work. But in my opinion, it’s probably better just to focus on the road ahead of you rather than behind you, and just to try to be proactive about it. Just follow the regular updating, maintenance, site maintenance, having good passwords.</p> <p>I think it’s better to focus your energies on that to try to prevent problems going forward, than kind of getting caught up in the minutia of how they got in, when they got in, why did they hack me, all that kind of stuff, because they’re hard questions to answer. There’s no two ways about it. Yeah. It can be done, but it’s time consuming. Just make sure that you’re focusing more on proactive measures to ensure that the problem does happen again.</p> <p>If you have a vulnerability on one of your plugins, it depends on whether or not that vulnerability is known or not. It could be a brand new one that someone just found, and there is no update for the plugin. It can be kind of impossible to tell. But yeah. Just maintenance your site regularly. Just defense and death have backups, and focus on the road forward is I think, in my opinion, a better use of time.</p> <p>Question #2: One of our viewers was curious to know what’s your browser of choice?</p> <p>Answer: Firefox. I am a huge, huge, huge supporter of open-source. Open-source is best source. I encourage everyone to support open-source software whenever they possibly can. I love Firefox because it’s so modular. There’s so many different add-ons available, tons of different security plugins and add-ons and that stuff. It’s all open-source, all free, so yeah. Mozilla’s awesome. Firefox for the win.</p> <p>Question #3: If your database got compromised, can they be code or password?</p> <p>Answer: Well, the passwords are usually hashed and salted, so it can be done, yeah. If you do suspect that your database was ever compromised, it’s best to just assume that they were compromised, that all the passwords were hacked, right? It’s better to be paranoid. Being actually paranoid is a really big asset when you’re working with security.</p> <p>If there’s any modifications done to your database that you didn’t authorize, any spam links, whatever, change your database passwords, change all of your wp-admin administrator passwords. It’s better just to assume. The passwords can be compromised, yes. It does take a little bit of coaxing and trickery, and it can be done. Just assume that they were hacked, yes.</p> <p>Question #4: Do hackers only have access to the things in plugins that are active, or can they access inactive things and plugins as well?</p> <p>Answer: That’s a really good question. I would err on the side of caution and just assume yes. I think it probably depends. I think some plugins that are deactivated, the hacks might not work if they’re turned off. But you can’t be too careful. Just assume that they can. If you have a deactivated plugin on your website that you’re not using, it shouldn’t be there anyway.</p> <p>Just remove it, remove any software you’re not using. We have to assume the worst. As I mentioned earlier, just be paranoid, nice and paranoid, and remove any and everything that you’re not using. If you have a plugin that’s deactivated on your website, you’re not using it anyway, right? Just err on the side of caution, and you can’t be too careful.</p> <p>Question #5: Okay. This next question is, “How would you best monitor a file system that’s on a hosted site?”</p> <p>Answer: That’s a really good question. There’s a few different ways to do it. I mean, I think it probably depends on your hosting provider and the kinds of tools that they have at your disposal. If you’re not really sure, I mean, what you can do is if you have a backup, so for your site for example, you can compare the two. In Linux, the command that you would use is diff.</p> <p>You have a backup on your site on the left, and you’ve got a more recent copy of your site on the right. You compare them, and it’ll spit out the differences. That way, you can check to see what files have been modified, or what code has been changed.</p> <p>This is another reason why it’s important to have backups running, right? I believe if you have a virtual private server, you should also be able to employ some file integrity monitoring. But yeah, it does kind of depend on your hosting provider, and what they offer.</p> <p>Question #6: There were a couple of questions that came around the franium nov portion of your presentation. Can you elaborate on that just a little bit, just a more clarification around that?</p> <p>Answer: Oh, absolutely. Yeah. When I say nov freemium I just mean pirated. You have on one hand the WordPress repository, so basically everything that you could download from WordPress.org, all the free open-source plugins, themes, etc. Then you also have companies that sell premium themes. I can’t see themes and plugins that cost $20, $40, $60, whatever … I’m talking about the free versions of those paid plugins and themes.</p> <p>If you find a theme that’s normally $60, and you find a website where they’re giving it away for free, you’re first thought is probably, “Wow, that’s wonderful. I just saved myself $60.” But there’s a reason why someone hacked that theme and put it up for download for free. 99% of the time, it’s not because they’re Robin Hood, it’s because they’ve added their own malicious code to it.</p> <p>Once you install that pirated software onto your website, then it’s back doors, or you’ll see spam on your site, or whatever. Also, using pirated software is kind of a crappy thing to do to developers that work very hard and do that for a living.</p> <p>Whatever software you’re using on your website, much sure that you obtain it from a legitimate source. If it’s paid, pay the developers for their hard work. Just don’t any stolen softwares essentially, and that’s what I mean by freemium kind of stuff.</p> </div><div class="c-lg-12 qa-btmbnr mt-30 text-center"><p class="pl">See all Questions & Answers</p><a href="#qa-contt" data-expand="qa-contt" class="btn">Expand</a></div></div></div> <div id="transcript" class="wp-block-sucuri-framework-transcript container transcpt border-blg mb-80"><div class="row"><div class="lead w-100 text-center"><h2>Transcript</h2></div><div id="transcpt" class="c-lg-12 transcpt-contt expand"> <p>Ben Martin – Remediation Team Lead</p> <p>Hello, everyone. Thank you very much for attending our Webinar on how to fix your hacked WordPress websites. I work at Sucuri. I’ve worked at Sucuri for three years, and I work on the remediation team. I’m part of the team that goes in and identifies where the malware is, removes the infection, and tries to identify new kinds of malware, new kinds of hacks that are going on and occurring.</p> <p>Just a little bit about me before we begin. I’m from beautiful Victoria, BC, Canada. There’s a couple other Sucuri employees that live and work here, as well, so if you’re ever in the area, come say hi. I’ve worked in software and security for a total of six years, and I’ve cleaned a lot of WordPress websites.</p> <p>We’re not leaning in just to WordPress. We do a lot of … Clean a lot of Magento eCommerce websites, JOON, like Drupal, MODX, whatever. We’ll clean whatever you can throw at us. But for the purposes of this webinar, we’re just going to be focusing on WordPress. WordPress, of course, is the most common CMS, and it’s very frequently … It’s the platform that we deal the most often with.</p> <p>Part of my job is to identify new strings of malware, sending samples to our research team, identifying trends and what’s going on in the website security world. I also last year spoke at WordCamp in Vancouver, and Toronto and Portland. I’ve broken down this presentation into three different sections, so the first one’s going to be just signs that your website was compromised. I’ve actually worked with clients that their website was hacked years ago and they had no idea.</p> <p>Without proper monitoring in place and logging things, modifications to files, you can … Your site can be hacked and you had no idea, so it’s really important to take that into account. Also, the next section is how to actually find the malware and remove it, how to identify where it’s coming from, what the culprits are.</p> <p>The third section is what to do after a hack, and this is arguably the most important part of … A lot of people forget, so we need to take some proactive measures to make sure that the bad guys aren’t going to come back the next day, because you don’t want to be back at square one, right? Without further ado, how to tell if your website was compromised.</p> <p>There’s a number of different symptoms that you want to look out for, and I’ll just briefly go over each one of those here. Of course, the most obvious one is that your website has been blocklisted. Google, of course, is the most common one, but other search engines, like Bing and Yandex and what not, also maintain their own blocklists. Anti-virus vendors, such as Norton, McAfee, MalwareBytes, maintain their own blocklists, as well, and we maintain a blocklist, also.</p> <p>If you want to check to see if your website is blocklisted, mosey on down to virustotal.com. Type in your website domain name and it will check your website against a whole bunch of different blocklists to see if it’s getting flagged anywhere. There’s an example in the Java Right of a website that getting flagged by five different vendors.</p> <p>In this presentation, I’ve included as many practical examples as I can because it’s one thing to talk about website security, but it’s another thing to actually understand what you’re looking at and be able to understand what you’re seeing, right? I’ve included as many practical screenshots and examples as I can. Also, one thing that’s really important is to listen to your website visitors, and what they’re reporting on your site.</p> <p>You might not be getting any warnings on your end, but they might be using a different anti-virus program, for example. They might be getting warnings, and you’re not. Pay careful attention to what your website visitors are saying. If you try to access a website that is blocklisted by Google, you’re going to see something like this. Pretty strong indicator that something’s gone wrong, right?</p> <p>This is the most common way that people realize that their website has been compromised. The second thing that you want to look at for is if you see any spam in Google search results. Spam infections are actually really, really common on websites. If you notice some sort of weird contents showing up in Google-related to your website, for example, pharmaceuticals, adult content, or I’ve even seen cat food spam.</p> <p>There’s all sorts of strange stuff, and so what you can do is go to Google and type in site, colon, and then your domain name. Google will give you a result of all the links that have been crawled there. If you see stuff like in the example screenshot there, then there’s a strong likelihood that your website has been hacked. Especially if it’s a website that doesn’t sell pharmaceuticals, right?</p> <p>If Google does suspect that there is spam on your website, they’re going to label it with, “This site might be hacked,” right? It’s important to recognize the different warnings that Google will show.</p> <p>If your website is throwing malware or redirecting visitors to exploit kit landing pages, they’re going to issue a different warning that says, “This site might harm your computer,” right? If you find that your website traffic is getting redirected elsewhere, so for instance, if you try to access your website, and all of a sudden you end up at an adult dating website, then that could be attackers that are redirecting your traffic to a location of their choice.</p> <p>Sometimes, it’s just, sort of, innocuous spam, but other times it could be something way more serious. Like phishing pages or ransomwear, exploit kits, that kind of stuff. The image on the right is a hacked HT access file, which I’m going to go into a little bit more detail later.</p> <p>But suffice it to say any visitor to your site that matches one of the listed user agents is going to get redirected to the Russian bogus domain at the bottom. Again, make sure that you listen to what your visitors are reporting.</p> <p>It was a really common infection that we saw last year where only traffic from mobile devices was getting redirected to adult dating websites. Sometimes, it can only affect certain user agents, certain computers, and other ones, the website functions normally. If you notice any weird popups, new tabs opening up, popups, pop-unders. This is a strong sign that there’s been some malicious or spamming modifications made to your website.</p> <p>If you’ve noticed that every time you go to your site, all of a sudden you get some weird pages like the one displayed here. That’s a big red flag, for sure. You can also use our very handy site check tool which is free. You can go to www.sitecheck.sucuri.net, and scan your website for malware and spam. It will also check your website against a number of different blocklists, so it’s a very useful tool to see if there’s any malicious stuff loading.</p> <p>We update sitecheck very frequently. Malware’s changing all the time, right? There’s always new variants of code, new infections going around. We update sitecheck frequently to make sure that it’s catching the most … Especially the most common malware that we see. Of course, if you go to your website and it looks something like this, that’s a pretty strong indicator that you’ve been hacked.</p> <p>Defacement attacks like this are very unsophisticated, very basic, but they do happen. It’s kind of scary to go to your site and see something like this, right? All right, cool. We’ve decided … We’ve determined that you website is compromised. What do we do now? Well, WordPress is a really powerful platform, particularly because it’s so straightforward and so easy to use.</p> <p>But for that same reason, it’s actually fairly easy to determine the source of hacked WordPress website because the platform is so straightforward, and you can actually … Even if you’re not super sophisticated with the backend of websites or malware or whatever, you can go through the process of elimination using some tools to basically find the source of the problem that way.</p> <p>Well, what I’m going to do is I’m going to go through this whole list here of core files, plugins, etc, and elaborate a little bit on each section. We can just go through them one by one by one, and eventually we’ll find the source of the hack, right?</p> <p>If you’re wondering what this weird thing on the right is, that’s a nice juicy piece of malware, heavily ofisgated to code. I want to go through a couple of tools that you’re going to want to be familiar with before we begin.</p> <p>All these tools are free, not going to cost you any money. Unfortunately, I can’t go into super, huge detail about all of them because I can do a whole … A webinar just on this slide. But I do want to mention them before we get started. This Sucuri scanner WordPress plugin is a really good tool to have. You can download it for free from WordPress.org, and it’s a really good diagnostics, sort of, monitoring tool.</p> <p>It’ll check your core files, the core integrity of your files. It’ll log who’s logging in to your WP admin page, and from which IP and when. It’s a very useful thing to have. You’re also going to want to have an FTP client, so like FileZilla, so you can actually check the files on your server.</p> <p>Also, please be sure to install a script blocker, such as NoScript for Firefox, which is a browser add-on. Google Chrome has a very similar one, several to choose from. But basically, the script blocker is the most important tool that someone could have in their arsenal when they’re working with hacked WordPress websites, because you don’t want your computer to get infected when your trying to fix the hack, right?</p> <p>Make sure you’re not allowing scripts to execute, and that way you can protect your browser from getting infected, too, right? VirtualBox, or Vmware. Some sort of virtualization tool is a very useful thing to have. That way, you can work in a, sort of, sand box environment, where you don’t have to put your main computer at risk. Ad blocker is also very useful. There’s been quite an increase in malvertising lately.</p> <p>Rogue ad networks, bogus ad networks riding trojans and bad stuff. Actually, uBlock Origin’s my favorites, and it’s actually quite a good diagnostic tool and it can help check all sorts of different third party content that’s loading on your website. If you need to check your database, you can use phpMyAdmin or Adminer. phpMyAdmin is available for your cPanel. If you don’t have cPanel, you can head on down to Adminer.org.</p> <p>That will allow you to connect to your database and check for spam and Iframes and that kind of stuff, anything weird that’s loading. Honorable mention goes to a user agent switcher. Some malware or spam will only deploy if it’s a certain user agent that’s triggered. It’s really common, for example, for spam only to show the search engines, but won’t show to regular website visitors, right?</p> <p>Of course, the support forums at WordPress.org are a really important thing to use. There’s a really great community in place that can help you troubleshoot, help guide you in the right direction if you’re kind of lost and not really sure what to do or where to look. I do want to say that it’s really important to back up your website first before you make any changes here, because removing malware can be tricky.</p> <p>Especially if you’re not entirely sure what you’re doing, you can damage your website and leave yourself with a blank white screen of a website. Of course, a blank white screen is the cleanest website you can possibly have, but it’s not particularly useful, right? Make sure you or your hosting provider has a full backup of your files, backup of your database, because you don’t want to lose all your hard work, right?</p> <p>If anything goes wrong, you want to be able to reset, and go back to square one and try again, right? That’s particularly true if you’ve made any modifications to your theme files, any customizations to the code that you’re using. You want to make sure that you backup everything before we begin, okay?</p> <p>The first thing that we can go through here are the core files. For those of you who don’t know, the core files are wp-includes, wp-admin, and the files in the root of your website. There’s some files that tend to get infected more frequently than other ones. For example, the index.php file is very common. We can see on this screenshot here from our Sucuri scanner plugin that this person’s index.php file has been modified and has had a whole bunch of code added to it.</p> <p>I know from working with WordPress sites quite a bit that that’s a really big index.php file. It’s been modified, there have been some code added to it. That’s a very big red flag, and in all likelihood, that file has had malware added to it.</p> <p>Same with the wp-tron, right? You want to make sure that you have some sort of monitoring in place to check to see when your core files were modified, if they were modified, because if something bad happens, you need to know about it, right? If you’re really not sure, you can just download a fresh copy of WordPress from WordPress.org and just replace all your core files, and just overwrite it with known good columns, right?</p> <p>This is an example of an infected wp-load.php core file. You can see all the code at the bottom is legitimate, but there’s two big, ugly strings of encrypted code at the top, right? Labeled with, “Do not delete,” of course. It’s really common for malware to be encrypted like this, and WordPress does not allow encryption to be used in any files that are part of the …</p> <p>Any software part of the repository, so if you see something like this, it’s a pretty big red flag, right? The next thing you want to check are your theme files. This is a really common place to hide malware, and the reason being is because no matter what page or post your visitors are on, these theme files are going to be in use.</p> <p>They’re going to be loaded, so it’s a very effective way of deploying malware, and making sure … Because the attackers want to infect as many visitors as they can, for the most part, right? In this example image, we can see that the header.php file was modified recently at a totally different date than all of the rest of the files that are within the theme, right?</p> <p>This is a really common thing that I do if … For example, if a client comes to us with an infected website and we scan it, and everything seems clean, I always check the theme files first, right? Because it’s just … It’s one of the most common places to check. Common files: index, header, footer, functions, 404 not php. These are all files that you’re going to want to check.</p> <p>Again, much like the core files, if you’re just not sure at what you’re looking at and you’re kind of not comfortable with this, download a fresh copy of your theme, and upload it and reinstall it, and that will just fix any modifications that have been made.</p> <p>Again, I want to remind you, if you’ve made any modifications to your theme files, any customizations, anything like that, make sure you have a backup. Another technique that we use is if we suspect perhaps it’s the theme, but we’re not sure. What you can do is download a copy of one of the default WordPress themes from WordPress.org. Something like 2016, 2015, whatever.</p> <p>Switch your active theme with that, and if the problem still remains … Or if the problem is fixed, then you know it’s your theme, right? For instance, there’s sitecheck was flagging some spam or flagging some malware on your website. You switch to a new theme, and you re-scan and it’s clean. You know it’s the theme, right? Here’s an example of an infected header.php file.</p> <p>We see all the code here is legitimate except when we get to the bottom, where we see weird, ugly, purple string of numbers. When decoded, all this script does is just redirect someone to a bogus pharmacy website. But the reason it’s encoded like that is because if you noticed that your website traffic was redirecting to boguspharmacy.com, you could just search your website files for pharmacy, and you would find your culprit right away.</p> <p>This is the motivation behind a lot of the encryption ofisgation in use that we see, right? Plugins are the next thing that you’re going to want to check. Plugins are very problematic, particularly old, out of date plugins. They pose a whole big, set of problems. Out of date plugins are one of the most common reasons why websites get attacked due to vulnerable code in them.</p> <p>You want to make sure your plugins are up to date all the time. Plugin files are also a pretty common place for attackers to place back doors. Also, malware can be hiding in plugins. Bad guys can add malicious codes to plugins, and if the plugin is active, then the code will be present on your site, right? With both themes and plugins, please avoid using pirated software.</p> <p>It’s almost always infected, so you want to make sure you’re using legitimate sources for the software that you’re using. Much like the themes, if you are not sure what to do, just remove any plugins you’re not using, download fresh copies of the ones that you are, replace the files with fresh copies. Here is an example of paves that world very familiar with, wp-admin page full of a whole slew of out of date plugins.</p> <p>This is something you want to avoid. Make sure you update, update, update. Security guys can’t stop saying that enough. This is an interesting example. This is a bogus plugin, entirely bogus. But unlike a lot of the malware that we see, it’s not encrypted, it’s not ofisgated, it’s properly formatted, indented. It looks normal at first glance.</p> <p>But what this plugin code actually does is generate a whole thousand of bogus torrent download links through your website. It doesn’t have to be encrypted to be bad. The database is the next thing you want to check. This is a really common place for spam to hide, so if you see spam being flagged by sitecheck, or you see spam in Google search results, it’s … There’s a very good chance that it’s been lodged into your database somewhere.</p> <p>But also, like the example in the image here shows, it’s also somewhere where they can inject malicious code also. Just for those of you that don’t know, the database is where all of your, sort of, content is stored. If you make a blog post that says, “Hello world,” the text, “Hello world,” is loaded into the database.</p> <p>That’s also where your settings are stored, theme settings, user settings, all that kind of stuff. For example, this is a really common kind of infection that we see here. If you look at the top, it says style display equals none. The code is there, but it’s not displayed. You can look and just be browsing your website like normal, everything seems fine.</p> <p>But when search engines browse the page, they see all these spam links. That can really hurt your website’s SEO, actually, and that can take a while to repair that. .htaccess, very interesting file. .htaccess files, sort of, instructs how certain link’s behavior on your website is handled. On the right is what the default WordPress .htaccess file looks like.</p> <p>Certain plugins will make legitimate changes to .htaccess, so for instance, cashing plugins or some security plugins will modify it. But this is also a pretty common place for attackers to insert bad code, especially when it applies to redirects. If some of your traffic is being redirected to places it shouldn’t, make sure to check your .htaccess file.</p> <p>If you wanted to redirect a user somewhere else, that’s usually where you’d do it. But it’s also where you can, for example, redirect http traffic to https. There’s legitimate uses for it, of course. But it’s a pretty common place for attackers to modify. This is a really interesting example of a spammy .htaccess file. Very interesting to look at, but actually what it does is, you guessed it, spam links in Google. This allows for all sorts of spammy stuff to generate.</p> <p>There’s a lot of different variations of this kind of malware, and we can see from the top of the file there how it’s referencing index.php. That’s because the index.php file was modified, also. Advertising networks can be problematic. A lot of website owners choose to employ the use of advertising networks on their website, and that’s fine.</p> <p>But they can post their own set of problems, especially less reputable, less well-known advertising networks can have problems of malvertising rogue ads that deliver trojans to visitors. It can be quite difficult to troubleshoot this, particularly if you’re using multiple advertising networks. It can be hard to, sort of, track down which one it’s coming from. We see this problem a lot of video streaming websites that employ three or four different ad networks.</p> <p>I would recommend that everyone … If you do choose to run ads on your site, use a well-known, reputable network, and none of the cheap ones. This is an example of some bogus ad networks that were injected into a client’s database. There were thousands of these links, and what it did was any time anybody clicked on one of the links on the page, it would redirect them to stamp sites, right?</p> <p>Sometimes, it can actually be the server itself. This is not as common, but sometimes the server can itself be rooted, can be compromised. You notice this weird EyeFrame that’s generating on all the pages, but it’s also happening to 150 other people that are all on the same server, right? These are really tricky to handle. It is possible to clean a rooted server, but really the …</p> <p>What we would recommend doing that’s, sort of, safest option is to migrate your website to another server, change all of your passwords, and ideally the server should be wiped and reformatted because it’s hard to know if it’s fully fixed, right? On this topic, make sure your hosting provider considers security to be a priority, because when things go wrong and your website gets compromised, your hosting provider is …</p> <p>You’re going to need to be in touch with them, and it’s good that they have good support, and takes security seriously, right? The last thing I want to mention here is back doors. They’re the trickiest part of all of this, right? Attackers will sometimes inject maybe one or two back doors onto the server. Sometimes they’ll upload hundreds of them, or sometimes in every single php file that they can find.</p> <p>For instance, your website traffic is getting redirected elsewhere. You found the infected file in the header of your theme. You remove the malware, and the redirect is gone. Awesome. Great. The job’s done, but you’ll have exactly the same problem tomorrow because attackers always make sure that they can maintain access, right? Actually, a pretty common thing for them to do is to place a back door on the server, and then wait for weeks or longer.</p> <p>Then they’ll deliver the payload, and the reason for that is because a very common thing for people to do when they realize they’ve been hacked is to restore back up from a week or two ago. Well, the back door’s still there, so it’ll still have access. We find new kinds of back doors all the time.</p> <p>There’s new ones being written constantly, and it can be really tricky to track them all down. This is why it’s important to make sure that you have some sort of a logging of what files have been modified on your server. Also, a useful trick if you’re not sure what you’re looking for or where, you can check your server logs to see if there are any files that are being directly accessed from stringing IP addresses, or whatever.</p> <p>We’ve written a little bit about finding and removing back doors on our blog at Sucuri.net, and I’d suggest giving that a look and checking that out. Just so you know how to recognize a back door when you see one, there’s one injected at the very top of this file. Now this was a client’s footer.php from their theme, and at the top you can see the part … The first opening and closing php tag, where it says, “Base64 decode post zed zero eval.”</p> <p>Basically, if that code exists, is present in one of your files, attackers can send a request to it, and the back door will do the attackers bidding, essentially. You don’t want to find yourself just back at square one after you worked so hard to get the infection removed, right? I wanted to mention just a couple other helpful resources that are useful when dealing with hacked sites.</p> <p>Of course, sitecheck.Sucuri.net, as I already mentioned, is very useful. Redlands file viewer at Aw-snap.info is also super helpful for fighting spam, malvertising, redirects, that kind of stuff. Webpagetest.org is also quite helpful. What it will do is it’ll load your website and just log every single thing that’s loading.</p> <p>All the third party content, all of the files. It just gives you a nice, long list that you can investigate. Portswigger is a very useful application testing tool. Very useful for determining malvertising, if any third party content on your site is causing issues. It’s a little bit more advanced, so if you’re not super tech-savvy, you might want to hold off on that one.</p> <p>But very fun to mess around with, and if you find a nice encrypted chunk of php code, and you want to see what’s inside, you can mosey on down to ddcode.com, or unphp.net, and it will attempt to decrypt it and deofisgate it to let you know what’s hiding inside. All right. We’ve found the infection, we’ve removed the malware.</p> <p>What do we do now? This is the part that people very frequently overlook, and we have to remember that the attackers are going to be back, right? One they determine that this is a vulnerable website, we can exploit that, they’ll just do it again, and again, and again, and again, because they know that the root causes are rarely addressed. A lot of site owners don’t update their plugins. They don’t change their passwords.</p> <p>They don’t update WordPress, so we need to just leave no stone unturned. Make sure you update all your stuff here, and just acknowledge that the attackers are … They will be back, and as much as working with a hacked website can be stressful, nobody really wants to do it. No one wants to get hacked, but this is just the reality, right? The most important thing is update, update, update, update.</p> <p>I can’t stop saying this enough. Out of date software is by far the leading cause of infection, and you want to make sure that your website is properly maintained, properly updated, all the time. This is a constant process. This is not something that you can just do once, and then forget about it.</p> <p>There’s new updates constantly, right? Please make sure that you’re taking proactive steps to maintain your website properly, and this is really the best thing you can do to prevent attacks. Change all your passwords after a compromise, and just assume that all of your passwords were leaked, right? FTP, cPanel, wp-admin, everything.</p> <p>Just change them all. You can be too careful, right? I would recommend that you use a password manager like LastPass, and in my line of work, I’ve seen some atrociously bad passwords. Please make sure that your passwords are complex but their difficult to brute force. Can’t be too careful, right? Review who has access to your website, also. I’ve seen WordPress sites with 15 or 20 different admin users.</p> <p>Only give administrative access to who absolutely needs it and for the amount of time that they need it for, at which point, revoke their access. I’ve seen cases where a client had hired a developer to work on their site a year ago, and they just left the admin account there. The password was weak, and it was brute forced, and their website was compromised because of it.</p> <p>Have as few admin users as possible. It’s also not a bad idea to have a separate account that you use for just basic stuff, like updating blog posts and uploading media files, that sort of thing. Then a separate admin account for doing admin stuff that you keep under lock and key. A nice term that we like to use in the security world is ‘decreasing the attacked surface.’</p> <p>What that means in simple terms is just decrease the amount of things that could possibly go wrong. What that means is getting rid of plugins that you’re not using, getting rid of old themes that you’re not using anymore. If you have any old versions of your website, and backups and whatever, laying on your server, migrate them off. Just have as few stuff on your server as necessary, and that’ll really go a long way in preventing problems in the future.</p> <p>You also want to make sure you scan your work station. This is really important because if your work station, your laptop, whatever website, or whatever computer you use to work on your websites, if it’s infected, that can cause your website to get infected, too. I remember a client I worked with once, he followed our post-infection steps to a tee. He changed all of his passwords.</p> <p>He updated all of his stuff, and he was hacked again two days later because his computer was infected. It had a trojan keylogger on it, and when he updated the password to the new one, they just stole it again. You want to make sure your scanning your work station effectively and frequently, because that’s another piece of the puzzle that we don’t want to forget, right?</p> <p>Make sure you have a backup schedule. Make sure that you’re performing backups of your websites regularly, and that they’re not stored on your production server. We do have a backup service for $5 per website per month. It’s very easy to use. There’s a ton of other backup services, too. Some hosting providers perform backups for you, but this is something you want to make sure you have a spare tire, as it were, if something was wrong.</p> <p>This is a screenshot from our backup service, and it’s very easy to use. Super nice, simple interface, and it’ll just do a backup of your site every day. You can download them at your leisure, whenever you need a copy. You can also perform some hardening of your websites. This image here on the right is an .htaccess file, which you can place in wp-content/uploads or in image directories, places where php just doesn’t need to execute from.</p> <p>The WordPress security scanner plugin can help you with this. You can also add some additional security rules to your wp-config file such as disallowing file edit. In that sense, even if your wp-admin page is compromised, the files can’t be actually modified.</p> <p>Some developers really like file edit function. It’s very convenient, but unfortunately, convenience and security don’t always get along super well. Last but not least, use a web application firewall. We offer one called Cloud Proxy, which is part of our security services. It will proactively defend your website against attacks. In fact, the malicious requests won’t even touch your server at all because we will filter it out through our servers, right?</p> <p>We’re constantly updating Cloud Proxy to make sure that it’s catching the newest attacks, the newest attempts at compromise. It can help against brute force attacks, and attempts to access your wp-admin page.</p> <p>It can do a whole lot, and it’s really good for just peace of mind knowing that you have some layer of defense between you and your website, and the broader web, right? Yeah. That’s pretty much it. I hope you all found that helpful and informative, and yeah. If any of you guys have any questions, then yeah. I would love the answer them.</p> </div><div class="c-lg-12 transcpt-btmbnr mt-30 text-center"><p class="pl">See Full Transcript</p><a href="#transcpt" data-expand="transcpt" class="btn">Expand</a></div></div></div> <div id="resources" class="container resocs pt-0"><div class="row"><div class="lead c-lg-12 text-left"><h2>Similar Past Webinars</h2></div><div class="c-lg-12"><p>In the website security community, our name is known for fast site hack cleanup and responsible vulnerability disclosure. As thought leaders in website security, we are committed to sharing what we know. Follow our concise and helpful website security guides and tutorials so you can learn how to clean and secure your website.</p></div></div></div><div class="container-fluid fwnav-wrpr p-0"><div class="container ptb-0"><div class="row"><div class="c-lg-12"><ul class="list-inline"><li class="list-inline-item"><a href="#webinars">Webinars</a></li></ul></div></div></div></div><div class="container report-cards-wrapper"><div class="row"><div class="c-lg-12 lead text-left"><h2>Resources</h2></div><a href="https://sucuri.net/webinars/2022-hacked-website-report/"><div class="c-lg-12 resource-card-h"><div class="row"><div class="c-md-2 rc-img"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2023/03/23-sucuri-hacked-website-threat-report-2022-webinar-og-image.png" alt="Picture of presenter of 2022 Website Threat Report Webinar" class="img-fluid"></div><div class="c-md-10 rsc-cont"><h4 class="ph bold"><span class="bold highlight">Webinar</span> – 2022 Website Threat Report Webinar</h4><p>Join us on April 5th as we cover the latest findings from our 2022 Hacked Website Threat Report. We’ll shed light on some of the most common tactics and techniques we saw within compromised website environments.</p></div></div></div></a><a href="https://sucuri.net/webinars/virtual-patching-webinar/"><div class="c-lg-12 resource-card-h"><div class="row"><div class="c-md-2 rc-img"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2023/01/23-sucuri-webinar-virtual-patching-og-image.png" alt="Picture of presenter of Virtual Patching Webinar" class="img-fluid"></div><div class="c-md-10 rsc-cont"><h4 class="ph bold"><span class="bold highlight">Webinar</span> – Virtual Patching Webinar</h4><p>All software has bugs – but some bugs can lead to serious security vulnerabilities that can impact your website and traffic. In this webinar, we dive into the steps you can take to migrate risk from infection and virtually patch known vulnerabilities in your website’s environment.</p></div></div></div></a><a href="https://sucuri.net/webinars/2021-hacked-website-report/"><div class="c-lg-12 resource-card-h"><div class="row"><div class="c-md-2 rc-img"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2022/06/23-sucuri-webinar-hacked-website-threat-report-2021-og-image.png" alt="Picture of presenter of Hacked Website Threat Report 2021" class="img-fluid"></div><div class="c-md-10 rsc-cont"><h4 class="ph bold"><span class="bold highlight">Webinar</span> – Hacked Website Threat Report 2021</h4><p>The threat landscape is constantly shifting. As attackers continue to hone their tools and exploit new vulnerabilities, our team works diligently to identify and analyze threats posed to webmasters. Join us on July 6th as we cover the latest findings from our Hacked Website Threat Report for 2021. </p></div></div></div></a><a href="https://sucuri.net/webinars/understand-logs-to-better-manage-your-wordpress-site/"><div class="c-lg-12 resource-card-h"><div class="row"><div class="c-md-2 rc-img"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2019/08/23-sucuri-webinar-understanding-wordpress-audit-logs-og-image.png" alt="Picture of presenter of Logs: Understanding Them to Better Manage Your WordPress Site" class="img-fluid"></div><div class="c-md-10 rsc-cont"><h4 class="ph bold"><span class="bold highlight">Webinar</span> – Logs: Understanding Them to Better Manage Your WordPress Site</h4><p> In this webinar we will highlight the various activity, access, and error logs WordPress site administrators have at their fingertips. Plus, learn how logs can best be used to manage, troubleshoot, and most importantly, secure your sites.</p></div></div></div></a><a href="https://sucuri.net/webinars/personal-online-privacy/"><div class="c-lg-12 resource-card-h"><div class="row"><div class="c-md-2 rc-img"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2019/08/23-sucuri-webinar-personal-online-privacy-og-image.png" alt="Picture of presenter of Personal Online Privacy" class="img-fluid"></div><div class="c-md-10 rsc-cont"><h4 class="ph bold"><span class="bold highlight">Webinar</span> – Personal Online Privacy</h4><p>In our latest webinar, we'll describe action items that can improve the security state of internet-connected devices we all use every day. These devices will include common household staples such as: WiFi Routers, iOS/Android devices, and personal computers.</p></div></div></div></a><a href="https://sucuri.net/webinars/why-hackers-hack/"><div class="c-lg-12 resource-card-h"><div class="row"><div class="c-md-2 rc-img"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2019/07/23-sucuri-webinar-why-do-hackers-hack-og-image.png" alt="Picture of presenter of Why Do Hackers Hack?" class="img-fluid"></div><div class="c-md-10 rsc-cont"><h4 class="ph bold"><span class="bold highlight">Webinar</span> – Why Do Hackers Hack?</h4><p>Join us as we delve into the minds of hackers to explain targeted attacks, random attack, and SEO attacks. Find out why bad actors target websites.</p></div></div></div></a><a href="https://sucuri.net/webinars/waf-firewall-and-cdn-feature-benefit-guide/"><div class="c-lg-12 resource-card-h"><div class="row"><div class="c-md-2 rc-img"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2019/07/23-sucuri-webinar-waf-firewall-and-cdn-feature-benefit-guide-og-image.png" alt="Picture of presenter of WAF (Firewall) and CDN Feature Benefit Guide" class="img-fluid"></div><div class="c-md-10 rsc-cont"><h4 class="ph bold"><span class="bold highlight">Webinar</span> – WAF (Firewall) and CDN Feature Benefit Guide</h4><p>A feature benefit guide for our agencies and end users. Why use our firewall? What kind of protection does it offer? How does it affect the efficiency and speed of my site? Will it affect my server's resources? Find out the answers to these questions and more in our webinar…..</p></div></div></div></a><a href="https://sucuri.net/webinars/cross-site-contamination-for-the-non-technical/"><div class="c-lg-12 resource-card-h"><div class="row"><div class="c-md-2 rc-img"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2019/07/23-sucuri-webinar-preventing-cross-site-contamination-for-beginners-og-image.png" alt="Picture of presenter of Preventing Cross-Site Contamination for Beginners" class="img-fluid"></div><div class="c-md-10 rsc-cont"><h4 class="ph bold"><span class="bold highlight">Webinar</span> – Preventing Cross-Site Contamination for Beginners</h4><p>Cross-site contamination happens when one hacked site infects other sites on a shared server. This webinar is for beginners and web professionals to understand cross-site contamination and how to prevent it…..</p></div></div></div></a><a href="https://sucuri.net/webinars/getting-started-with-sucuri/"><div class="c-lg-12 resource-card-h"><div class="row"><div class="c-md-2 rc-img"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2019/07/23-sucuri-webinar-getting-started-with-sucuri-og-image.png" alt="Picture of presenter of Getting Started with Sucuri!" class="img-fluid"></div><div class="c-md-10 rsc-cont"><h4 class="ph bold"><span class="bold highlight">Webinar</span> – Getting Started with Sucuri!</h4><p>If you're considering security for your site or are new to our services, this webinar will guide you through Sucuri's simple setup processes. Potential notifications, support options for various scenarios, and ways that you can also work to keep your site malware-free will be discussed…..</p></div></div></div></a><a href="https://sucuri.net/webinars/how-to-account-for-security-with-customer-projects/"><div class="c-lg-12 resource-card-h"><div class="row"><div class="c-md-2 rc-img"><img decoding="async" src="https://sucuri.net/wp-content/uploads/2019/07/23-sucuri-webinar-how-to-account-for-security-with-customer-projects-og-image.png" alt="Picture of presenter of How to Account for Security with Customer Projects" class="img-fluid"></div><div class="c-md-10 rsc-cont"><h4 class="ph bold"><span class="bold highlight">Webinar</span> – How to Account for Security with Customer Projects</h4><p>Learn how you or your agency can account for security with your client projects. Presented by Sucuri Co-Founder, Dre Armeda, this webinar shows how you can get involved and help clients who are not aware of some of the security risks involved with managing a website…..</p></div></div></div></a></div></div> <div data-elementor-type="footer" data-elementor-id="10539" class="elementor elementor-10539 elementor-location-footer" data-elementor-post-type="elementor_library"> <section class="elementor-section elementor-top-section elementor-element elementor-element-861d687 elementor-section-full_width elementor-section-height-default elementor-section-height-default" data-id="861d687" data-element_type="section"> <div class="elementor-container elementor-column-gap-default"> <div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-fc1f30f" data-id="fc1f30f" data-element_type="column"> <div class="elementor-widget-wrap elementor-element-populated"> <div class="elementor-element elementor-element-a32286d elementor-widget elementor-widget-footer_section" data-id="a32286d" data-element_type="widget" data-widget_type="footer_section.default"> <div class="elementor-widget-container"> <div class="sucuri-footer-revamp parent"> <div class="footer-menu-logo-container"> <div class="footer-menu-logo-internal"> <div class="image-container"> <img src="https://sucuri.net/wp-content/uploads/2022/12/sucuri_logo_dark.svg" alt="Sucuri Logo"> </div> <div class="social-media-container"> <p>Let’s Connect</p> <div class="social-media-wrapper"> <a aria-label="Visit our Twitter profile" href="https://twitter.com/sucurisecurity/"> <svg xmlns="http://www.w3.org/2000/svg" width="23" height="21" viewBox="0 0 23 21" fill="none"><path d="M18.1138 0.210449H21.6407L13.9356 8.92748L23 20.7894H15.9016L10.3427 13.5952L3.98206 20.7894H0.453113L8.69443 11.4656L0 0.210449H7.27646L12.3012 6.78621L18.1117 0.210449H18.1138ZM16.876 18.6998H18.8303L6.21564 2.19025H4.11853L16.876 18.6998Z" fill="#00FFCE"></path></svg> </a> <a aria-label="Visit our Facebook profile" href="https://www.facebook.com/SucuriSecurity"> <svg xmlns="http://www.w3.org/2000/svg" width="23" height="23" viewBox="0 0 23 23" fill="none"><path d="M21.7287 0H1.27126C0.567177 0 0 0.567177 0 1.27126V21.7287C0 22.4328 0.567177 23 1.27126 23H12.2823V14.1012H9.28996V10.6395H12.2823V8.07738C12.2823 5.10459 14.1012 3.48129 16.7415 3.48129C18.0128 3.48129 19.108 3.57908 19.4209 3.6182V6.72789H17.5825C16.1352 6.72789 15.8614 7.41241 15.8614 8.40986V10.6199H19.3036L18.8537 14.0816H15.8614V22.9804H21.7287C22.4328 22.9804 23 22.4133 23 21.7092V1.27126C23 0.567177 22.4328 0 21.7287 0Z" fill="#00FFCE"></path></svg> </a> <a aria-label="Visit our Instagram profile" href="https://www.instagram.com/sucurisecurity/"> <svg xmlns="http://www.w3.org/2000/svg" width="23" height="23" viewBox="0 0 23 23" fill="none"><path d="M22.9218 6.76701C22.8631 5.55442 22.6675 4.71344 22.3937 3.97024C22.1003 3.20748 21.7092 2.58163 21.0638 1.93622C20.4184 1.29082 19.7925 0.89966 19.0298 0.606292C18.3061 0.312925 17.4651 0.136905 16.233 0.0782313C15.0008 0.0195578 14.6097 0 11.5 0C8.3903 0 7.97959 0 6.767 0.0782313C5.53486 0.136905 4.71343 0.332483 3.97024 0.606292C3.20748 0.89966 2.58163 1.29082 1.93622 1.93622C1.29081 2.58163 0.899655 3.20748 0.606288 3.97024C0.31292 4.69388 0.117341 5.53486 0.0782256 6.76701C0.0195522 7.99915 0 8.39031 0 11.5C0 14.6097 -5.6684e-06 15.0204 0.0782256 16.233C0.136899 17.4456 0.332478 18.2866 0.606288 19.0298C0.899655 19.7925 1.29081 20.4184 1.93622 21.0638C2.58163 21.7092 3.20748 22.1003 3.97024 22.3937C4.69388 22.6675 5.53486 22.8631 6.767 22.9218C7.99915 22.9804 8.3903 23 11.5 23C14.6097 23 15.0008 23 16.233 22.9218C17.4456 22.8631 18.2866 22.6675 19.0298 22.3937C19.7925 22.1003 20.4184 21.7092 21.0638 21.0638C21.7092 20.4184 22.1003 19.7925 22.3937 19.0298C22.6871 18.3061 22.8631 17.4651 22.9218 16.233C22.9804 15.0009 23 14.6097 23 11.5C23 8.39031 23 7.99915 22.9218 6.76701ZM20.8486 16.1548C20.79 17.2696 20.6139 17.8759 20.4575 18.2866C20.2423 18.8146 20.0077 19.2058 19.5969 19.6165C19.1862 20.0272 18.8146 20.2619 18.267 20.477C17.8563 20.6335 17.25 20.8291 16.1352 20.8682C14.9226 20.9269 14.551 20.9269 11.5 20.9269C8.44897 20.9269 8.05782 20.9269 6.86479 20.8682C5.75 20.8095 5.1437 20.6335 4.73299 20.477C4.20493 20.2619 3.81377 20.0272 3.40306 19.6165C2.99234 19.2058 2.75765 18.8342 2.54252 18.2866C2.38605 17.8759 2.19047 17.2696 2.15136 16.1548C2.09268 14.9422 2.09269 14.5901 2.09269 11.5196C2.09269 8.44898 2.09268 8.09694 2.15136 6.88435C2.21003 5.76956 2.38605 5.16327 2.54252 4.75255C2.75765 4.22449 2.99234 3.83333 3.40306 3.44218C3.81377 3.03146 4.18537 2.79677 4.73299 2.58163C5.1437 2.42517 5.75 2.22959 6.86479 2.19048C8.07738 2.1318 8.44897 2.1318 11.5 2.1318C14.551 2.1318 14.9226 2.1318 16.1352 2.19048C17.25 2.24915 17.8563 2.42517 18.267 2.58163C18.7951 2.79677 19.1862 3.03146 19.5969 3.44218C20.0077 3.85289 20.2423 4.22449 20.4575 4.75255C20.6139 5.16327 20.8095 5.76956 20.8486 6.88435C20.9073 8.09694 20.9073 8.46854 20.9073 11.5196C20.9073 14.5706 20.9073 14.9422 20.8486 16.1548Z" fill="#00FFCE"></path><path d="M11.5002 5.59375C8.23405 5.59375 5.59375 8.23406 5.59375 11.5002C5.59375 14.7664 8.23405 17.4067 11.5002 17.4067C14.7664 17.4067 17.4067 14.7664 17.4067 11.5002C17.4067 8.23406 14.7664 5.59375 11.5002 5.59375ZM11.5002 15.314C9.38796 15.314 7.66687 13.5929 7.66687 11.4807C7.66687 9.36841 9.38796 7.64732 11.5002 7.64732C13.6125 7.64732 15.3335 9.36841 15.3335 11.4807C15.3335 13.5929 13.6125 15.314 11.5002 15.314Z" fill="#00FFCE"></path><path d="M17.6406 3.98975C16.8778 3.98975 16.252 4.6156 16.252 5.37835C16.252 6.14111 16.8778 6.7474 17.6406 6.7474C18.4033 6.7474 19.0096 6.12155 19.0096 5.37835C19.0096 4.63515 18.3838 3.98975 17.6406 3.98975Z" fill="#00FFCE"></path></svg> </a> <a aria-label="Visit our LinkedIn profile" href="https://www.linkedin.com/company/sucuri-security"> <svg xmlns="http://www.w3.org/2000/svg" width="23" height="23" viewBox="0 0 23 23" fill="none"><path d="M0.445161 23H4.89677V7.04375H0.445161V23ZM2.67097 0C1.1871 0 0 1.15 0 2.5875C0 4.025 1.1871 5.175 2.67097 5.175C4.15484 5.175 5.34194 4.025 5.34194 2.5875C5.34194 1.15 4.15484 0 2.67097 0ZM12.4645 9.4875V7.04375H8.0129V23H12.4645V14.8063C12.4645 10.2063 18.5484 9.91875 18.5484 14.8063V23H23V13.225C23 5.4625 14.5419 5.75 12.4645 9.4875Z" fill="#00FFCE"></path></svg> </a> <a aria-label="Visit our YouTube profile" href="https://www.youtube.com/SucuriSecurity"> <svg xmlns="http://www.w3.org/2000/svg" width="30" height="21" viewBox="0 0 30 21" fill="none"><path d="M28.5264 3.64516C28.2012 2.42561 27.2041 1.45838 25.9469 1.12195C23.6708 0.533203 14.5667 0.533203 14.5667 0.533203C14.5667 0.533203 5.4625 0.533203 3.18646 1.12195C1.92922 1.43735 0.953767 2.40458 0.606942 3.64516C-2.64865e-06 5.85296 0 10.4999 0 10.4999C0 10.4999 -2.64865e-06 15.1257 0.606942 17.3546C0.932091 18.5741 1.92922 19.5414 3.18646 19.8778C5.4625 20.4665 14.5667 20.4665 14.5667 20.4665C14.5667 20.4665 23.6708 20.4665 25.9469 19.8778C27.2041 19.5414 28.1796 18.5952 28.5264 17.3546C29.1333 15.1257 29.1333 10.4999 29.1333 10.4999C29.1333 10.4999 29.1333 5.87399 28.5264 3.64516ZM11.597 14.6842V6.2735L19.2054 10.4788L11.597 14.6842Z" fill="#00FFCE"></path></svg> </a> <a aria-label="Visit our Threads profile" href="https://www.threads.net/@sucurisecurity"> <svg xmlns="http://www.w3.org/2000/svg" width="21" height="23" viewBox="0 0 21 23" fill="none"><path d="M10.6248 23H10.618C7.11116 22.977 4.4152 21.8452 2.60353 19.6372C0.99262 17.6717 0.160232 14.9366 0.132812 11.5096V11.4933C0.162191 8.06342 0.993599 5.33121 2.60549 3.36471C4.4152 1.15479 7.11312 0.023 10.6189 0H10.6326C13.3217 0.0191667 15.5712 0.694792 17.3172 2.01058C18.9595 3.24683 20.116 5.01017 20.7535 7.24979L18.7558 7.79508C17.6746 4.00008 14.9385 2.06042 10.6238 2.03071C7.77413 2.05179 5.61972 2.92771 4.21935 4.6345C2.90907 6.233 2.23239 8.54258 2.20595 11.5C2.23239 14.4574 2.90907 16.767 4.22033 18.3655C5.6207 20.0742 7.77609 20.9511 10.6248 20.9693C13.1935 20.9501 14.8925 20.3646 16.3046 19.0095C17.9175 17.4637 17.8891 15.5662 17.372 14.4114C17.0685 13.731 16.5171 13.1656 15.7719 12.7343C15.5839 14.03 15.1628 15.0784 14.5145 15.87C13.6469 16.9261 12.4189 17.503 10.8618 17.5854C9.68471 17.6477 8.54972 17.3765 7.67033 16.8178C6.62935 16.1575 6.02024 15.1503 5.95463 13.9773C5.89098 12.8369 6.35418 11.7875 7.25707 11.0237C8.11884 10.2954 9.33216 9.867 10.7658 9.7865C11.7538 9.72614 12.7455 9.77177 13.7233 9.92258C13.5999 9.2115 13.356 8.64608 12.9888 8.23879C12.4864 7.67721 11.7079 7.39258 10.6787 7.38587H10.6503C9.82376 7.38587 8.69955 7.60821 7.98566 8.65088L6.26506 7.52004C7.22476 6.12663 8.77985 5.35804 10.6503 5.35804H10.6934C13.8212 5.37721 15.6848 7.25075 15.8708 10.5215C15.9766 10.5656 16.0823 10.6116 16.1852 10.6576C17.6443 11.3285 18.7117 12.3453 19.2738 13.5997C20.0543 15.3439 20.1268 18.1901 17.7579 20.4595C15.9462 22.194 13.7487 22.978 10.6317 22.999L10.6248 23ZM11.607 11.7971C11.37 11.7971 11.1301 11.8038 10.8833 11.8172C9.08539 11.9159 7.96509 12.7238 8.02776 13.8709C8.09338 15.0746 9.44968 15.6333 10.7541 15.5643C11.9527 15.502 13.5137 15.0439 13.7761 12.0089C13.0628 11.8633 12.3357 11.7923 11.607 11.7971Z" fill="#00FFCE"></path></svg> </a> </div> </div> </div> </div> <div class="sucuri-footer-revamp child"> <div class="footer-menu-revamp-container"> <div class="outer-item"> <a class="link-parent" href="https://sucuri.net/website-security/"> Products </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://sucuri.net/website-firewall/"> Website Firewall </a> <a class="link-child" href="https://sucuri.net/website-security-platform/"> Website Security Platform </a> <a class="link-child" href="https://sucuri.net/wordpress-security/"> WordPress Security </a> <a class="link-child" href="https://sucuri.net/website-backups/"> Website Backups </a> <a class="link-child" href="https://sucuri.net/website-security-platform/help-now/"> Hack Assistance </a> <a class="link-child" href="https://sucuri.net/website-security-platform/signup"> Pricing </a> </div> </div> <div class="outer-item"> <a class="link-parent" href="https://sucuri.net/ddos-protection/"> Solutions </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://sucuri.net/ddos-protection/"> DDoS Protection </a> <a class="link-child" href="https://sucuri.net/malware-detection-scanning/"> Malware Detection </a> <a class="link-child" href="https://sucuri.net/website-malware-removal/"> Malware Removal </a> <a class="link-child" href="https://sucuri.net/intrusion-detection-system/"> Malware Prevention </a> <a class="link-child" href="https://sucuri.net/website-security-platform/blocklist-removal-and-repair/"> Blacklist Removal </a> <a class="link-child" href="https://sucuri.net/seo-spam-removal/"> SEO Spam Removal </a> <a class="link-child" href="https://sucuri.net/wordpress-security-plugin/"> Wordpress Security Plugin </a> </div> </div> <div class="outer-item"> <a class="link-parent" href="#"> USE CASES </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://sucuri.net/developers/"> Developers </a> <a class="link-child" href="https://sucuri.net/ecommerce-website-security/"> Ecommerce </a> <a class="link-child" href="https://sucuri.net/custom/agency/"> Agency Plans </a> <a class="link-child" href="https://sucuri.net/custom/agency/"> Enterprise Services </a> <a class="link-child" href="https://sucuri.net/http-2-rapid-reset/"> HTTPS/2 </a> <a class="link-child" href="https://sucuri.net/virtual-patching/"> Virtual Patching </a> </div> </div> <div class="outer-item"> <a class="link-parent" href="https://docs.sucuri.net/"> Support </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://docs.sucuri.net/"> Knowledge Base </a> <a class="link-child" href="https://sitecheck.sucuri.net/"> SiteCheck </a> <a class="link-child" href="https://sucuri.net/guides/"> Guides </a> <a class="link-child" href="https://labs.sucuri.net/"> Research Labs </a> <a class="link-child" href="https://abuse.sucuri.net/"> Report Abuse </a> <a class="link-child" href="https://status.sucuri.net/"> Status Report </a> </div> </div> <div class="outer-item"> <a class="link-parent" href="https://sucuri.net/company/"> Company </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://sucuri.net/company/"> About Sucuri </a> <a class="link-child" href="https://sucuri.net/company/contact-us/"> Contact </a> <a class="link-child" href="https://blog.sucuri.net/"> Blog </a> <a class="link-child" href="https://sucuri.net/referral/"> Referral </a> <a class="link-child" href="https://sucuri.net/partners/"> Partners </a> <a class="link-child" href="https://sucuri.net/customers/"> Testimonials </a> </div> </div> <div class="outer-item"> <a class="link-parent" href="#"> Definitions </a> <div class="inner-repeater-wrapper"> <a class="link-child" href="https://sucuri.net/definitions/"> Firewall </a> <a class="link-child" href="https://sucuri.net/definitions/"> Bots </a> <a class="link-child" href="https://sucuri.net/definitions/"> Security </a> </div> </div> </div> </div> <div class="policy-container"> <div class="flex-menu"> <a href="https://sucuri.net/terms/">Terms of Use</a> <a href="https://sucuri.net/privacy/">Privacy Policy</a> <a href="https://sucuri.net/cookies/">Do Not Sell My Personal Information</a> <a href="https://sucuri.net/faq/">Frequently Asked Questions</a> </div> </div> <p class="copyright">© 2024 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.</p> <div class="back-to-top-mobile"> <a title="Going Top" href="#top"> <svg xmlns="http://www.w3.org/2000/svg" width="42" height="42" viewBox="0 0 42 42" fill="none"> <circle cx="21" cy="21" r="20.5" fill="#02141B" stroke="white"/> <path d="M21 17.3202L29.0133 24.7468C29.0779 24.8079 29.1546 24.8562 29.2389 24.889C29.3232 24.9217 29.4135 24.9382 29.5046 24.9375C29.5956 24.9368 29.6856 24.9188 29.7694 24.8848C29.8531 24.8507 29.9289 24.8012 29.9924 24.739C30.0559 24.6769 30.1058 24.6033 30.1393 24.5227C30.1728 24.442 30.1891 24.3558 30.1874 24.2691C30.1856 24.1824 30.1659 24.0969 30.1292 24.0175C30.0925 23.9381 30.0397 23.8664 29.9738 23.8066L21.4802 15.9358C21.3517 15.8167 21.1794 15.75 21 15.75C20.8206 15.75 20.6483 15.8167 20.5198 15.9358L12.0262 23.8066C11.9603 23.8664 11.9075 23.9381 11.8708 24.0175C11.8341 24.0969 11.8144 24.1824 11.8126 24.2691C11.8109 24.3558 11.8272 24.442 11.8607 24.5227C11.8942 24.6033 11.9441 24.6768 12.0076 24.739C12.0711 24.8012 12.1469 24.8507 12.2306 24.8848C12.3144 24.9188 12.4044 24.9368 12.4954 24.9375C12.5865 24.9382 12.6768 24.9217 12.7611 24.889C12.8454 24.8562 12.9221 24.8079 12.9867 24.7468L21 17.3202Z" fill="#13EAC0"/> </svg> </a> </div> <div class="back-to-top"> <div class="circle"> <a class="circle-flex" title="Going Top" href="#top"> <svg xmlns="http://www.w3.org/2000/svg" width="42" height="42" viewBox="0 0 42 42" fill="none"> <circle cx="21" cy="21" r="20.5" fill="#02141B" stroke="white"/> <path d="M21 17.3202L29.0133 24.7468C29.0779 24.8079 29.1546 24.8562 29.2389 24.889C29.3232 24.9217 29.4135 24.9382 29.5046 24.9375C29.5956 24.9368 29.6856 24.9188 29.7694 24.8848C29.8531 24.8507 29.9289 24.8012 29.9924 24.739C30.0559 24.6769 30.1058 24.6033 30.1393 24.5227C30.1728 24.442 30.1891 24.3558 30.1874 24.2691C30.1856 24.1824 30.1659 24.0969 30.1292 24.0175C30.0925 23.9381 30.0397 23.8664 29.9738 23.8066L21.4802 15.9358C21.3517 15.8167 21.1794 15.75 21 15.75C20.8206 15.75 20.6483 15.8167 20.5198 15.9358L12.0262 23.8066C11.9603 23.8664 11.9075 23.9381 11.8708 24.0175C11.8341 24.0969 11.8144 24.1824 11.8126 24.2691C11.8109 24.3558 11.8272 24.442 11.8607 24.5227C11.8942 24.6033 11.9441 24.6768 12.0076 24.739C12.0711 24.8012 12.1469 24.8507 12.2306 24.8848C12.3144 24.9188 12.4044 24.9368 12.4954 24.9375C12.5865 24.9382 12.6768 24.9217 12.7611 24.889C12.8454 24.8562 12.9221 24.8079 12.9867 24.7468L21 17.3202Z" fill="#13EAC0"/> </svg> <span> <p style="margin-top:0px !important; margin-bottom:0px !important;">back to top <svg xmlns="http://www.w3.org/2000/svg" width="20" height="10" viewBox="0 0 20 10" fill="none"> <path d="M10 1.57018L18.0133 8.99675C18.0779 9.0579 18.1546 9.10624 18.2389 9.13898C18.3232 9.17171 18.4135 9.1882 18.5046 9.18748C18.5956 9.18676 18.6856 9.16885 18.7694 9.13478C18.8531 9.10071 18.9289 9.05117 18.9924 8.98901C19.0559 8.92685 19.1058 8.85332 19.1393 8.77266C19.1728 8.692 19.1891 8.60582 19.1874 8.51911C19.1856 8.4324 19.1659 8.34688 19.1292 8.26749C19.0925 8.18811 19.0397 8.11644 18.9738 8.05663L10.4802 0.185786C10.3517 0.066655 10.1794 -3.93758e-07 10 -4.01598e-07C9.82063 -4.09439e-07 9.64833 0.0666549 9.51977 0.185786L1.02623 8.05663C0.960287 8.11644 0.907457 8.18811 0.870792 8.26749C0.834127 8.34688 0.814355 8.4324 0.812622 8.51911C0.810888 8.60582 0.827226 8.692 0.860693 8.77266C0.894159 8.85332 0.944088 8.92685 1.00759 8.98901C1.07109 9.05117 1.14691 9.10071 1.23065 9.13478C1.31438 9.16885 1.40439 9.18676 1.49544 9.18748C1.5865 9.1882 1.6768 9.17171 1.76112 9.13898C1.84544 9.10624 1.92211 9.0579 1.98669 8.99675L10 1.57018Z" fill="#13EAC0"/> </svg> </p> </span> </a> </div> </div> </div> </div> </div> </div> </div> </div> </section> </div> <script src="https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit" async defer></script> <script type='text/javascript'> // Define a function to be called when reCAPTCHA script is loaded function onRecaptchaLoad() { // Your code that uses grecaptcha var recaptchaElement = document.getElementsByClassName('g-recaptcha')[0]; if (recaptchaElement) { grecaptcha.render(recaptchaElement, { sitekey: '6LetGjkUAAAAAJZdUKrKJtingLJw5x0mY-O2VGf_', }); } else { console.error('reCAPTCHA element not found'); } } </script> <script type='text/javascript'> const lazyloadRunObserver = () => { const lazyloadBackgrounds = document.querySelectorAll( `.e-con.e-parent:not(.e-lazyloaded)` ); const lazyloadBackgroundObserver = new IntersectionObserver( ( entries ) => { entries.forEach( ( entry ) => { if ( entry.isIntersecting ) { let lazyloadBackground = entry.target; if( lazyloadBackground ) { lazyloadBackground.classList.add( 'e-lazyloaded' ); } lazyloadBackgroundObserver.unobserve( entry.target ); } }); }, { rootMargin: '200px 0px 200px 0px' } ); lazyloadBackgrounds.forEach( ( lazyloadBackground ) => { lazyloadBackgroundObserver.observe( lazyloadBackground ); } ); }; const events = [ 'DOMContentLoaded', 'elementor/lazyload/observe', ]; events.forEach( ( event ) => { document.addEventListener( event, lazyloadRunObserver ); } ); </script> <link rel='stylesheet' id='e-sticky-css' href='https://sucuri.net/wp-content/plugins/elementor-pro/assets/css/modules/sticky.min.css?ver=3.25.2' type='text/css' media='all' /> <script type="text/javascript" defer="defer" src="https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js" id="slick-js-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/themes/sucuriwp/js/navigation.js?ver=1628779856" id="sucuriwp-navigation-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/themes/sucuriwp/js/skip-link-focus-fix.js?ver=1628779856" id="sucuriwp-skip-link-focus-fix-js"></script> <script type="text/javascript" defer="defer" src="https://sucuri.net/wp-content/themes/sucuriwp/js/script.min.js" id="sucuriwp-js-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.25.2" id="e-sticky-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.2.1" id="smartmenus-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.25.2" id="elementor-pro-webpack-runtime-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.25.4" id="elementor-webpack-runtime-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.25.4" id="elementor-frontend-modules-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18" id="wp-hooks-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6" id="wp-i18n-js"></script> <script type="text/javascript" id="wp-i18n-js-after"> /* <![CDATA[ */ wp.i18n.setLocaleData( { 'text direction\u0004ltr': [ 'ltr' ] } ); /* ]]> */ </script> <script type="text/javascript" id="elementor-pro-frontend-js-before"> /* <![CDATA[ */ var ElementorProFrontendConfig = {"ajaxurl":"https:\/\/sucuri.net\/wp-admin\/admin-ajax.php","nonce":"fd6938db46","urls":{"assets":"https:\/\/sucuri.net\/wp-content\/plugins\/elementor-pro\/assets\/","rest":"https:\/\/sucuri.net\/wp-json\/"},"settings":{"lazy_load_background_images":true},"popup":{"hasPopUps":false},"shareButtonsNetworks":{"facebook":{"title":"Facebook","has_counter":true},"twitter":{"title":"Twitter"},"linkedin":{"title":"LinkedIn","has_counter":true},"pinterest":{"title":"Pinterest","has_counter":true},"reddit":{"title":"Reddit","has_counter":true},"vk":{"title":"VK","has_counter":true},"odnoklassniki":{"title":"OK","has_counter":true},"tumblr":{"title":"Tumblr"},"digg":{"title":"Digg"},"skype":{"title":"Skype"},"stumbleupon":{"title":"StumbleUpon","has_counter":true},"mix":{"title":"Mix"},"telegram":{"title":"Telegram"},"pocket":{"title":"Pocket","has_counter":true},"xing":{"title":"XING","has_counter":true},"whatsapp":{"title":"WhatsApp"},"email":{"title":"Email"},"print":{"title":"Print"},"x-twitter":{"title":"X"},"threads":{"title":"Threads"}},"facebook_sdk":{"lang":"en_US","app_id":""},"lottie":{"defaultAnimationUrl":"https:\/\/sucuri.net\/wp-content\/plugins\/elementor-pro\/modules\/lottie\/assets\/animations\/default.json"}}; /* ]]> */ </script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.25.2" id="elementor-pro-frontend-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3" id="jquery-ui-core-js"></script> <script type="text/javascript" id="elementor-frontend-js-before"> /* <![CDATA[ */ var elementorFrontendConfig = {"environmentMode":{"edit":false,"wpPreview":false,"isScriptDebug":false},"i18n":{"shareOnFacebook":"Share on Facebook","shareOnTwitter":"Share on Twitter","pinIt":"Pin it","download":"Download","downloadImage":"Download image","fullscreen":"Fullscreen","zoom":"Zoom","share":"Share","playVideo":"Play Video","previous":"Previous","next":"Next","close":"Close","a11yCarouselWrapperAriaLabel":"Carousel | Horizontal scrolling: Arrow Left & Right","a11yCarouselPrevSlideMessage":"Previous slide","a11yCarouselNextSlideMessage":"Next slide","a11yCarouselFirstSlideMessage":"This is the first slide","a11yCarouselLastSlideMessage":"This is the last slide","a11yCarouselPaginationBulletMessage":"Go to slide"},"is_rtl":false,"breakpoints":{"xs":0,"sm":480,"md":768,"lg":1025,"xl":1440,"xxl":1600},"responsive":{"breakpoints":{"mobile":{"label":"Mobile Portrait","value":767,"default_value":767,"direction":"max","is_enabled":true},"mobile_extra":{"label":"Mobile Landscape","value":880,"default_value":880,"direction":"max","is_enabled":false},"tablet":{"label":"Tablet Portrait","value":1024,"default_value":1024,"direction":"max","is_enabled":true},"tablet_extra":{"label":"Tablet Landscape","value":1200,"default_value":1200,"direction":"max","is_enabled":true},"laptop":{"label":"Laptop","value":1366,"default_value":1366,"direction":"max","is_enabled":false},"widescreen":{"label":"Widescreen","value":2400,"default_value":2400,"direction":"min","is_enabled":false}},"hasCustomBreakpoints":true},"version":"3.25.4","is_static":false,"experimentalFeatures":{"e_font_icon_svg":true,"additional_custom_breakpoints":true,"e_nested_atomic_repeaters":true,"e_optimized_control_loading":true,"e_onboarding":true,"e_css_smooth_scroll":true,"theme_builder_v2":true,"home_screen":true,"landing-pages":true,"nested-elements":true,"link-in-bio":true,"floating-buttons":true},"urls":{"assets":"https:\/\/sucuri.net\/wp-content\/plugins\/elementor\/assets\/","ajaxurl":"https:\/\/sucuri.net\/wp-admin\/admin-ajax.php","uploadUrl":"https:\/\/sucuri.net\/wp-content\/uploads"},"nonces":{"floatingButtonsClickTracking":"52632e2bd9"},"swiperClass":"swiper-container","settings":{"page":[],"editorPreferences":[]},"kit":{"active_breakpoints":["viewport_mobile","viewport_tablet","viewport_tablet_extra"],"global_image_lightbox":"yes","lightbox_enable_counter":"yes","lightbox_enable_fullscreen":"yes","lightbox_enable_zoom":"yes","lightbox_enable_share":"yes","lightbox_title_src":"title","lightbox_description_src":"description"},"post":{"id":1677,"title":"How%20to%20Clean%20a%20Hacked%20WordPress%20Site%20%7C%20Sucuri","excerpt":"Learn how to identify issues if you suspect your WordPress site has been hacked. Follow Sucuri Remediation Team Lead, Ben Martin, through the steps needed to clean your WordPress site and minimize the attack time.....","featuredImage":"https:\/\/sucuri.net\/wp-content\/uploads\/2019\/07\/23-sucuri-webinar-how-to-clean-a-hacked-wordpress-site-og-image.png"}}; /* ]]> */ </script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.25.4" id="elementor-frontend-js"></script> <script type="text/javascript" src="https://sucuri.net/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.25.2" id="pro-elements-handlers-js"></script> <script> // Define the container ID const containerId = 'firewall-container'; // Get the container element const container = document.getElementById(containerId); // Function to toggle the state function toggleRadioButtonsInContainer() { if (container) { // Check if the radio buttons are inside the container const firewallInput = container.querySelector('#firewall'); const platformInput = container.querySelector('#platform'); if (firewallInput && platformInput) { // Make the 'firewall' radio button checked and set aria-checked to true firewallInput.checked = true; firewallInput.setAttribute('aria-checked', 'true'); // Make the 'platform' radio button unchecked and set aria-checked to false platformInput.checked = false; platformInput.setAttribute('aria-checked', 'false'); } else { console.warn('Radio buttons not found inside the container.'); } } else { console.warn(`Container with ID '${containerId}' not found.`); } } // Call the function to toggle the state toggleRadioButtonsInContainer(); </script> </body> </html>

CINXE.COM

How to Clean a Hacked WordPress Site | Sucuri