
Not all WordPress hacks are identical, but knowing the structure of the files that make up a WordPress installation should help with the cleanup.

Let’s have a look at it and understand the directory structure.

We have a new copy of WordPress here that hasn’t been installed yet, as there is no wp-config.php file in the root directory.

In addition to various files in the root directory that manage authentication, web serving, and mail distribution, we have the three main folders: wp-admin, wp-content, and wp-includes.

Here’s a short description of each:
wp-content: This is where files and directories that are specific to this installation should end up. Plugins, themes, and all images uploaded to WordPress live in here.

wp-admin: You may have noticed that the URL is /wp-admin when signing in to the WordPress dashboard. The wp-admin folder holds all the WordPress files required to view and interact with the WordPress backend.

wp-includes: All general PHP classes and any WordPress-based JavaScript files and libraries are found here.

Knowing all of this, we can begin to understand which parts of a WordPress install are unique to it, as opposed to files and directories that can be quickly replaced.

The material unique to a WordPress installation consists of:

  • A wp-config.php file which has details about our database.
  • A wp-content folder that includes our plugins, themes and uploads.
  • A database

This is unbelievable! Anything else can be replaced with a fresh copy from WordPress.org, and your website will still be there. So now we’ve effectively reduced the number of files that need to be scanned, and we can go even further.

Let me give you an example! The plugins and themes are all available in the WordPress repository, so we can also get fresh copies of them. (If you’re using premium themes or plugins you will, of course, need to get access to those again.) This might be a time-consuming operation, but wouldn’t you like to spend the time right now?

When cleaning up a website, I always use this as an opportunity to check whether there are any plugins or themes that I don’t need. For instance, if I run a non-default theme, I can easily remove all the TwentyX themes that WordPress provides.

Remember: we are trying to remove as many potential vulnerability targets as possible.

After that, when everything is said and done and you’re back online, the last thing you need to do is run a full install scan.
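Because everything outside wp-config.php and wp-content can be replaced from a fresh copy, those files can also be compared against one. The script below is an added example, not part of the original post: it assumes a fresh copy of the same WordPress version is unpacked locally, and the function names and sample trees are constructed for illustration.

```shell
#!/bin/sh
# audit_core SITE FRESH: compare an installed WordPress tree with a freshly
# unpacked copy of the same version. wp-config.php and wp-content/ are unique
# to the site, so they are skipped here and have to be reviewed separately.
audit_core() {
    site=$1 fresh=$2
    # Files on the site that core does not ship, or that differ from core.
    ( cd "$site" && find . -type f ! -path './wp-content/*' ! -path './wp-config.php' ) |
    sort | while IFS= read -r f; do
        if [ ! -f "$fresh/$f" ]; then
            echo "EXTRA ${f#./}"
        elif ! cmp -s "$site/$f" "$fresh/$f"; then
            echo "MODIFIED ${f#./}"
        fi
    done
    # Core files that have disappeared from the site.
    ( cd "$fresh" && find . -type f ! -path './wp-content/*' ) |
    sort | while IFS= read -r f; do
        [ -f "$site/$f" ] || echo "MISSING ${f#./}"
    done
}

# Constructed sample trees (placeholder contents, not real WordPress code).
demo() {
    tmp=$(mktemp -d)
    for d in fresh site; do
        mkdir -p "$tmp/$d/wp-admin" "$tmp/$d/wp-includes" "$tmp/$d/wp-content"
        echo 'core index'   > "$tmp/$d/index.php"
        echo 'core admin'   > "$tmp/$d/wp-admin/admin.php"
        echo 'core version' > "$tmp/$d/wp-includes/version.php"
    done
    echo 'db settings' > "$tmp/site/wp-config.php"            # site-specific, skipped
    echo 'plugin file' > "$tmp/site/wp-content/plugin.php"    # site-specific, skipped
    echo 'changed'    >> "$tmp/site/wp-includes/version.php"  # altered core file
    echo 'unknown'     > "$tmp/site/wp-includes/cache.php"    # not shipped by core
    rm "$tmp/site/wp-admin/admin.php"                         # core file removed
    audit_core "$tmp/site" "$tmp/fresh"
    rm -rf "$tmp"
}
demo
```

An EXTRA entry is not proof of compromise on its own, since a site can legitimately keep its own files in the root directory, but every line of output is a file to review or replace.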

Cleaning up hacked installations is never a pleasant process, and with WordPress running more than 25 percent of the web, it has become a very big target. But hopefully these tips will help you understand how to get a website back in service, and quickly.

I hope this content is helpful enough… If there is anything that you need to know don’t hesitate to contact us!

Till then keep learning and wait for our next blog!
