WordPress is the most script on Hack.
If your site is already hacked and infiltrated by malware, here we provide tips on how to improve the security of wordpress.
1. Usually, the hacker will upload his files to subfolder / subdirectory so it is difficult for the admin to check one by one subdirectory. For that, if you use wordpress then simply focus on investigating files located on / wp-content / uploads /
2. In the UPLOADS subdirectory there is only the image file, which means that if there are files other than image files like .php, html and others, then you should delete them from that directory.
3. Check whether the wp-config.php file is correct. Try to change wp-config.php to the default wordpress setting, anywhere it can fit wp-config-sample with your database settings.
4. Delete all files except wp-config.php files and files in / wp-content / uploads /
5. Upload the latest WordPress files and your site will return to normal.
6. If you want to install the Themes / plugins from the party that can be held responsible like the original developer and always upgrade. Error uploading themes / plugins that have a security hole will make your hosting account hacked back hacked with ease.
Do the above steps on all the websites in your account. Because it could be the file berapada other directories in your account.