Title: Issues after hack cleanup
Last modified: March 20, 2018

---

# Issues after hack cleanup

 *  Resolved [joviyach](https://wordpress.org/support/users/joviyach/)
 * (@joviyach)
 * [8 years, 2 months ago](https://wordpress.org/support/topic/issues-after-hack-cleanup/)
 * I have several WordPress sites on a shared hosting account. They were all hacked,
   and I decided to more or less start over. The problem I am running into is that
   after I have installed WordPress to either the root of public_html or a sub directory(
   it doesn’t matter which) going to any of the index.php pages shows the “Index
   of/” directory listing instead of the page. If I navigate to login, it gives 
   me the login page, and after I login if go to /wp-admin/post.php for example,
   that works too.
 * I think the problem lies in the .htaccess file(s) but I am not sure how to fix
   it. I did some Googling and tried creating a .htaccess file and placing it in
   the root per the instructions [here](https://codex.wordpress.org/Giving_WordPress_Its_Own_Directory)
   but that was only partially successful.
 * I wasn’t able to salvage the original .htaccess files; they were hacked too. 
   On a side note, I am also researching security and hardening best practices to
   try to avoid this in the future.

Viewing 4 replies - 1 through 4 (of 4 total)

 *  [RossMitchell](https://wordpress.org/support/users/rossmitchell/)
 * (@rossmitchell)
 * [8 years, 2 months ago](https://wordpress.org/support/topic/issues-after-hack-cleanup/#post-10093631)
 * You need to effectively purge your websites and then reinstall WordPress and 
   then recover your content. Of course at the very first step you change all the
   website management passwords, and the mySQL passwords, and make them all different.
 * Getting the “index of directory” means that there are no “index.html” or “index.
   php” files.
 * If you have not already read and acted upon this:
    `https://codex.wordpress.org/
   FAQ_My_site_was_hacked` then you really need to do that now.
 *  Thread Starter [joviyach](https://wordpress.org/support/users/joviyach/)
 * (@joviyach)
 * [8 years, 2 months ago](https://wordpress.org/support/topic/issues-after-hack-cleanup/#post-10094767)
 * I have completely deleted the databases and their corresponding users. The first
   thing I checked was for the presence of the index.php files in every location
   where there should be one. It actually shows up in the directory listing too,
   which I should have screen captured but unfortunately I purged the files again
   last night.
 * By following the instructions in the article that I linked in my original message(
   re: .htaccess) I was able to get the site to partially work; the front page was
   accessible by going to the URL, however when trying to go to the admin section
   of WordPress it dropped back out to the directory listing, where again there 
   was a index.php present but it just didn’t do anything.
 * Also, I eliminated browser cache as a suspect here by clearing the cache, and
   also trying on multiple devices.
 *  Thread Starter [joviyach](https://wordpress.org/support/users/joviyach/)
 * (@joviyach)
 * [8 years, 2 months ago](https://wordpress.org/support/topic/issues-after-hack-cleanup/#post-10096459)
 * I found some additional hacked .htaccess files higher up in the hierarchy. Removing
   those seems to have resolved my issues.
 *  [RossMitchell](https://wordpress.org/support/users/rossmitchell/)
 * (@rossmitchell)
 * [8 years, 2 months ago](https://wordpress.org/support/topic/issues-after-hack-cleanup/#post-10096587)
 * Good work.
    If you have not done this then you need to go through: [https://codex.wordpress.org/FAQ_My_site_was_hacked](https://codex.wordpress.org/FAQ_My_site_was_hacked)
   And then: [https://codex.wordpress.org/Hardening_WordPress](https://codex.wordpress.org/Hardening_WordPress)
 * Should you (or anyone else) be interested in the why and how of these hacks, 
   here are some historic reports:
    [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://smackdown.blogsblogsblogs.com/2012/11/14/hacked-on-hostpapa-or-netregistry/](http://smackdown.blogsblogsblogs.com/2012/11/14/hacked-on-hostpapa-or-netregistry/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
 * If you think it is appropriate could you mark this thread resolved.
    -  This reply was modified 8 years, 2 months ago by [RossMitchell](https://wordpress.org/support/users/rossmitchell/).

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Issues after hack cleanup’ is closed to new replies.

## Tags

 * [hacked](https://wordpress.org/support/topic-tag/hacked/)
 * [htaccess](https://wordpress.org/support/topic-tag/htaccess/)
 * [index.php](https://wordpress.org/support/topic-tag/index-php/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 4 replies
 * 2 participants
 * Last reply from: [RossMitchell](https://wordpress.org/support/users/rossmitchell/)
 * Last activity: [8 years, 2 months ago](https://wordpress.org/support/topic/issues-after-hack-cleanup/#post-10096587)
 * Status: resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics