Recovering from a WordPress Infection

Recently I noticed that many of my wordpress based web sites (including this one) were running very slowly. I also noticed that my hosting company was limiting my CPU cycles (their way of balancing load). To increase speed, I installed a highly-rated caching program, which generated tons of errors. At first I blamed the plugin…then I realized what had happened.

All of my sites had been infected with what appeared to be an automated attack. Lovely. I found and followed instructions to clean the sites; eventually I simply deleted and reinstalled everything. Fortunately I keep good backups so this was not terrible (although I have a few broken links due to missing images–have to fix that when I find time).

In the process of doing all this, I've learned a number of things.

  2. Watch the speed of your site and monitor CPU cycle limitations imposed by the hosting company.
  3. Take note when odd things happen (for example, when a widely respected plugin fails to work).
  4. Sometimes it's easier to delete and reinstall than to clean!

Also I've learned a number of tricks to help prevent this from happening in the future. More on those tricks later–I'll probably post an article with links to the sources I used.


When was the last time you backed up your WordPress site?