What files are safe to delete after a security breach in WP content folder?

The only safe thing to do is to restore the site from a known clean backup. Hacker could have inserted backdoor users or other vulnerabilities in your DB, something you are not going to be able to find based on any list of files, which means that even if you remove all files which obviously are “bad”, it will not take long before the hacker will hack your site again.

Once restored, remove write permissions that the web server might have from all directories except for the uploads directory. This way even if you are breached again at least the hacker will not be able to modify your code files.

Related Posts:

  1. Creating directory in uploads – wp_mkdir_p() or WP_Filesystem?
  2. Convenient way to use wp_filesystem
  3. Is there a WP Way of getting a filehandle?
  4. Is fopen() forbidden in WP?
  5. Converting fopen/fwrite operations to WP_filesystem
  6. Is it bad to store many files in a single folder?
  7. External pages redirecting back to wordpress
  8. WordPress Login doesnt respond after using Filezilla to upload my files on the server
  9. List of files/folders writable by the web server?
  10. Save PDF File From Plugin to Filesystem /wp_upload
  11. accessing files in custom folder in wordpress
  12. What dependencies should I load and to use the WP_Filesystem?
  13. Failed opening required
  14. Correct file permissions for in-browser updates using WP-CLI
  15. WordPress installation on digitalocean eating the server storage
  16. Serve contents from Nextcloud / WebDAV
  17. temphangle variable missing when using wp_filesystem copy
  18. File ownership for file tree php user ID – Folder permission 775
  19. How to write to a text file and save it in a folder for later download?
  20. 403 Error on “/”
  21. Get names and paths from unzip_file()
  22. Should I use Filesystem API for reading files or listing directories?
  23. saving file to external server vip
  24. Time limited file download upon form submit
  25. Does unzip_file() over-write by default?
  26. What is the difference between the .po .mo and .pot localization files?
  27. Where to store PHP files created by plugin / themes
  28. How to convert the file path to a URL of the same file?
  29. Do WordPress Core Filenames Work as Hooks?
  30. How to give image source in wordpress page editor?
  31. add/apend templates ‘transparently’ via plugin to currently active theme or child theme?
  32. delete uploaded file
  33. How to configure WP filesystem access in Linux (Ubuntu Server)?
  34. Necessary user, group and permissions for core updates
  35. Moving wp-content outside of web root?
  36. Why do I get undefined function export_wp()?
  37. $wp_filesystem returns NULL. What are the dependencies?
  38. Merging PHP download script into `functions.php`
  39. How do I edit the php/html for a particular post?
  40. Uploading non-media files?
  41. Setting wp_temp_dir and permissions not working for “Missing A Temporary Folder” error
  42. Which actions can update/change .php files?
  43. wp_temp_dir does not change the /tmp temporary default directory
  44. wp-config.php file permissions
  45. Standard permissions for wordpress; Plugin installation asks for FTP credentials
  46. sanitize attachment filename
  47. How to move WordPress theme files into a subfolder without breaking the theme?
  48. How do I maintain static directories on multisite subdomains?
  49. Uploading Media gives error “Missing a temporary folder.”
  50. What are the hierarchy of filenames while initialising a WordPress plugin?
  51. What is the best way to move a plugin´s subdirectory+files to wp-content/uploads-directory?
  52. Can’t write pdf file to upload directory using FPDF
  53. Change default uploads file using wp Skeleton
  54. Securing a multi-user permission structure
  55. Installation failed: Could not create directory – CentOS 7
  56. Relative file paths in CSS when linking directly (not enqueuing)
  57. Adding Adobe files to a wordpress site [closed]
  58. Placing assets for external use
  59. How to check if txt file exists inside template folder?
  60. Can I delete `wp-config-sample.php` after installing and configuring WordPress?
  61. Files automatically added
  62. WordPress HTTP Error on File upload
  63. What permissions should I give directories if I want to make WordPress more secure?
  64. Where do I save widget code for wordpress?
  65. Plugin writing: access file that was just uploaded
  66. How to implement filesystem cache in WordPress
  67. Interface for logged-in users to upload/download files
  68. Image URLs stopped working due to Permalinks?
  69. “dashboard”-named PHP file doesn’t get included
  70. How to first edit in local WordPress editor on page and the add code?
  71. WordPress and plugins can’t update (“inconsistent file permissions” error)?
  72. How to block access to files without modifying .htaccess or ngnix config? [closed]
  73. Why is server preventing admin styles? (Was: Where are WordPress sessions saved?)
  74. How to know which ajax file or function is called for action
  75. Running WordPress as FTP user?
  76. Alternative to file_get_contents() for theme operations
  77. Can WP plugins access files outside the installation folder?
  78. How to replace file_get_contents() with a WordPress Filesystem call
  79. Is it better to store images and other files in the root directory or the theme directory
  80. How to edit php code in WordPress Post file?
  81. Theme, WordPress Version, MySQL Version, PHP Version Update affected files and folders
  82. Running rmdir function on post save
  83. Does WordPress create a new Linux user when creating a new WordPress blog?
  84. WordPress Creates Unused (Unregistered) Image Sizes
  85. Why does WP load so many files in the head of source code? How do I optimize it?
  86. Adding regular php file to site
  87. Should I store critical css in the database or in my theme’s filesystem?
  88. Look for a file in a theme before loading from plugin
  89. Removing the references to the wp-content folder
  90. Right way to download file from source to destination
  91. get_template_directory() returns wrong address on VPS
  92. Cleaning a filename after image sideloading a url that contains `%20`
  93. Generating and downloading files with WP API
  94. Page to show a link to every file in an directory
  95. Uploaded images result in a file url with full path on disk appended
  96. How to prevent users to view server files using WP File Manager plugin?
  97. Save media files (images) to database instead of the filesystem
  98. Where to store sensitive uploaded file?
  99. How to handle a lot of media files in the uploads folder? (+10.000)
  100. Downloadable content file structure
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)