Preventing reinfection after WordPress hack (AMP spam injection) | WordPress.org

Resolved vivienzzz24
(@vivienzzz24)

1 day, 4 hours ago
Hi Wordfence team,

I’m considering upgrading to Wordfence Premium for my website that was recently hacked.

The site had spam/AMP URLs injected, and we’ve already removed the malicious files and submitted the cleanup to Google Search Console. It’s currently in the recovery stage.

Before upgrading, I just want to confirm a few things:
- Can Wordfence detect and clean any hidden backdoors or reinfection scripts that might still exist?
- Will the firewall help prevent similar attacks (like file injection or spam URLs) from happening again?
- Are there any recommended steps after installing Wordfence to fully secure the site?
My main concern is making sure the issue won’t happen again after cleanup.

Thanks in advance for your advice!

Viewing 1 replies (of 1 total)

Plugin Support wfphil
(@wfphil)

21 hours, 20 minutes ago

Hi @vivienzzz24

You will need to patch the intrusion vector otherwise the same attacker, or even a different attacker, can just exploit the same vulnerability and reinfect your site again.

Please follow our site cleaning guide below:

https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

We are not allowed to discuss the premium version on the forum here so for any questions about that then you will need to send an email to presales@wordfence.com

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.

Tags

2 replies
2 participants
Last reply from: wfphil
Last activity: 21 hours, 20 minutes ago
Status: resolved