Cleaning hacked sites

This article will give you some examples of plugins and users to look for when a site has been hacked, as well as how to add users to a WordFence blocklist. Delete any code plugins such as those list…

Zak Guy
Updated by Zak Guy

This article will give you some examples of plugins and users to look for when a site has been hacked, as well as how to add users to a WordFence blocklist.

  1. Delete any code plugins such as those listed below if they are not used for site functionality:
    WPCode Lite, WP Console
  2. Add any suspicious users to WordFence blocklist found at the following URL:
    wp-admin/admin.php?page=WordfenceWAF&subpage=waf_options

Common user list:

wpadminne

wp-configuser

seoengine

admin@zzna.ru

admingusar

cathycooper6t

christinelopezrs64

ismm

mr.josephbrownxv

wpcronecb81255

wpcron9c8fa8e9

w-padmine

danieltorres6r

joelbishopvx

adminsup

wpcron9e229796

wp_update-1716337410

shannonnortong5tb

Names in this list are only a guide and do not represent a full list of current usernames in use by hackers.

How did we do?

Force 404
Powered by HelpDocs (opens in a new tab)

Contact