Efficient way to check local WordPress php files and Database for malicious code? [duplicate]

Well if your concern is about the theme and data stored in the database, I suggest you also start with a “new install” of the theme.

And as far as the DB goes, I’ve had a similar experience where I took the hacked DB and installed it on my localhost, then exported the wp_users, wp_usermeta, wp_posts, and wp_postmeta tables ONLY.

Then I did a clean install (on the hosting server) of WP with a NEW DATABASE as well, and imported the wp_users, wp_usermeta, wp_posts, and wp_postmeta tables into my clean DB. Typically when a site gets hacked and the DB is affected, it’s the wp_options table that has problems.

Related Posts:

  1. Change WP-Login or WP-Admin
  2. Can I rename the wp-admin folder?
  3. What is the best method to close off the backend?
  4. Change Login URL Without Plugin
  5. Share same domain for wp-admin but for different website
  6. Securing wp-admin folder – Purpose? Importance?
  7. Can I rename the wp-admin folder?
  8. Options for restricting access to wp-admin
  9. How to change “wp-admin” to something else without search-replacing the core?
  10. Block access to wp-admin
  11. Should I add the IP of the server that hosts my sites to the list of authorized IPs in the wp-admin/.htaccess?
  12. FORCE_SSL_ADMIN not working
  13. Limit access to wp_admin
  14. I want to disable login of admin (/wp-admin) with email and make it accessible only with username
  15. password reset link being sent as HTTP?
  16. How to Change The WordPress Login URL Without Plugin
  17. 404 redirect wp-login and wp-admin after changing login url [closed]
  18. Logout USER form backoffice after 30 minutes of inactivity [closed]
  19. Do I have to face security problems if I changing default role to Contributor
  20. wp-admin folder removed by hacker [closed]
  21. Hide username discovery
  22. Renaming wp-admin without hard-coding it. Is it really possible?
  23. Need help for WordPress User Session Management?
  24. Is there a simple way to set wordpress site files back to out of the box?
  25. Developer/Designer asking for admin access
  26. Is WordPress secure enough for a multi-user article directory?
  27. How to log into WordPress via GET/POST
  28. Can I rename the wp-admin folder?
  29. CSRF attack to create USER
  30. Can I rename the wp-admin folder?
  31. Why WordPress not logout after I have close my browser?
  32. How to protect wp-admin from third party access?
  33. Couple questions about .htaccess, login page, updates
  34. is exposed wp-admin site a serious security vulnerability
  35. Can a user submit requests to wp-admin/admin.php without logging in?
  36. Changing the ‘wp-admin’ URL to whatever I want
  37. Unit testing in the WordPress backend (is_admin() is true)
  38. How can I improve the line break handling in the WYSIWYG editor?
  39. How do I change the login logo URL and hover title?
  40. js error on post editing page
  41. How to change the wording in wp-admin back-end?
  42. Add mass action to wp-admin/users.php
  43. Only allow administrators and editors to access wp-admin
  44. Bulk Delete Users Error uri too large
  45. Can you change the main heading of a page in the WordPress admin (without output buffering or JavaScript)?
  46. wp-admin – save options without refreshing?
  47. Change the Return URL from the Customizer
  48. How do you modify CSS files via admin panel?
  49. WooCommerce – filter by featured products in admin
  50. How to prevent parent admin page from appearring as a child admin page
  51. How to clone wp-admin and make a new dashboard controlled by your code?
  52. What is an “Options Framework” for WordPress
  53. show/hide toggle for subpages in wordpress admin area
  54. Additionally added URL params leading to “Invalid post type.” in the Admin Panel
  55. After login get “403 Forbidden”
  56. How to display a Ninja Form on the WordPress admin pages
  57. Show Welcome Panel on Dashboard for every user
  58. Is it possible to add an item the Post Publish panel?
  59. Weird problems after recovery from security breach
  60. 404 of wp-admin pages [closed]
  61. Detecting all admins that are logged in
  62. Add count for new registered user in Users tab
  63. How To Differentiate Drafted product and Publish Product through Color?
  64. Sortable columns and admin like interface for tables/report in custom plugin?
  65. WP admin page gives 404
  66. An update has caused my client’s site to be non-existent after new update of WordPress [closed]
  67. White screen of death in Dashboard after clean installation
  68. WordPress (admin) posts search GET request filter
  69. How can I replace dashboard.css and dashboard.min.css (not add new css)
  70. wp-admin throwing 500 errors after update to 4.2.1
  71. White screen of death for wp-admin and error for wp-login.php after entering credentials
  72. How to fix ob_end_flush() failed to send buffer of zlib output compression (1)?
  73. How to replace “Password Protected” text with icon in Admin
  74. Add and Remove Row Actions in an Existing WP_List_Table
  75. How can I prevent redirects from mysite/page to mysite/wp path/page?
  76. Add styles to wordpress admin on the Page List
  77. making users.php search include a specific user meta data field without messing with the SQL query itself
  78. Redirect an entire WordPress site on a subdomain, except wp-admin
  79. WordPress Admin Toolbar Disappeared when moved site to subfolder
  80. Admin sometimes redirects to HTTPS
  81. Hide user group filtering links
  82. auto generated robots.txt problem
  83. Change maxlength of link_description in dashbord link section?
  84. wordpress wp-admin/includes/shema.php file has been modify alone
  85. Broken Customizer page
  86. wp-admin going directly to 404
  87. How can I change block editors suggested links to display another url (i.e. from api.mysite to www.mysite)
  88. How to change labels in the projects page
  89. Can’t access Network Admin dashboard in wp-admin
  90. wp-admin won’t load for users behind a Barracuda F600 firewall
  91. Failed to load resource: the server responded with a status of 431 ()
  92. Database problem
  93. WordPress Admin Page Redirecting to Subdomain
  94. Remove Theme menu link from Admin Panel
  95. Unable to log in as admin
  96. Add files to wordpress admin panel footer
  97. WordPress Child problem in admin
  98. Images on admin backend not showing up
  99. Launch wordpress site to local computer from live website backed-up
  100. wp-admin won’t “remember me” in Chrome & Firefox