Title: hosting infected Last modified: October 8, 2017 --- # hosting infected * [ketanco](https://wordpress.org/support/users/ketanco/) * (@ketanco) * [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/) * My hosting provider told me that there are infections in my websites within my hosting How can I check and find the infected files or just bad files? How to scan? Viewing 9 replies - 1 through 9 (of 9 total) * Moderator [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/) * (@sterndata) * Volunteer Forum Moderator * [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/#post-9567250) * Install the plugin “WordFence” to scan your site. * Take a deep breath and carefully follow [this guide](https://codex.wordpress.org/FAQ_My_site_was_hacked). When you’re done, you may want to implement some (if not all) of [the recommended security measures](https://codex.wordpress.org/Hardening_WordPress). * If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple. * [Achyuth Ajoy](https://wordpress.org/support/users/achyuthajoy/) * (@achyuthajoy) * [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/#post-9567263) * Hi, Wordfence plugin can scan your files for malware. But since your site is already infected, Wordfence can’t do much. * The best way is to backup your database & wp-content/uploads (make sure you erase all files except image files from the uploads directory before backup). Then install a new copy of WordPress, restore wp-content/uploads & database. * Tighten file permissions on the server & install and configure any security plugins like Wordfence. * [Adam](https://wordpress.org/support/users/adamlachut/) * (@adamlachut) * [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/#post-9567282) * IMHO that kind of advice does not help too much. [@ketanco](https://wordpress.org/support/users/ketanco/) wrote about website**s**, we do not know how many websites does he has, what kind of etc. Secondly, reinstalling WP with same versions of plugins may not help, for example, he may have some plugins in vulnerable versions. At third, there are much more things to take care of, like database password: if this password is compromised and if there is phpmyadmin installed and available on this server, someone who knows DB password may easily login to this WP. Etc. * Thread Starter [ketanco](https://wordpress.org/support/users/ketanco/) * (@ketanco) * [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/#post-9569619) * okay so what Achyuth Ajoy said seems like the most straightforward approach and yes from then on i will also follow the avices in the links as Steve suggested and Adam mentioned in their posts. * In other words, I will just delete the whole thing, only keep my pictures in wp-content/uploads, and then reinstall my wordpress and theme, and upload latest versions of plugins and reset all my passowords. make sense? * i mean, i will try scanning with wordfence first anyway but this seems like the most straightforward and safest approach right? * Moderator [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/) * (@sterndata) * Volunteer Forum Moderator * [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/#post-9569737) * No. The best approach is to delete and replace from good sources all .php files and look through your posts and pages for malicious javascript. I agree wit adam only in that you should change *all* passwords, for your database and for every user. * Thread Starter [ketanco](https://wordpress.org/support/users/ketanco/) * (@ketanco) * [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/#post-9569768) * When you said “The best approach is to delete and replace from good sources all. php files and look through your posts and pages for malicious javascript.” it means scanning with wordfence? and what is “good source”? * sorry if i ask too much * Moderator [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/) * (@sterndata) * Volunteer Forum Moderator * [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/#post-9569811) * Good source means downloading and replacing .htaccess and all themes and plugins and the WP code itself, per the link(s) in my original reply. WordFence will help you detect files that don’t belong, but won’t check the database, You’ll need to look at each post/page — in text mode — to look for stuff that doesn’t belong. * Thread Starter [ketanco](https://wordpress.org/support/users/ketanco/) * (@ketanco) * [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/#post-9569977) * okay yes i was downloading all themes and plugins from wordpress but will reset anyway. and i didnt think database would be infected though. i have really good password for that. wordfence will scan just files and folders right? and how do i scan the database? * Moderator [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/) * (@sterndata) * Volunteer Forum Moderator * [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/#post-9569996) * > You’ll need to look at each post/page — in text mode — to look for stuff that > doesn’t belong. Viewing 9 replies - 1 through 9 (of 9 total) The topic ‘hosting infected’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 9 replies * 4 participants * Last reply from: [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/) * Last activity: [8 years, 7 months ago](https://wordpress.org/support/topic/hosting-infected/#post-9569996) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics