When you first build your WordPress site it'll certainly grow over time, acquiring new content, media files, users, themes, plugins, and more. These are all good things, but they can make your site vulnerable - it can become a good target for the attackers. For example, you may find intrusions in your plugin or theme files, or your WordPress core files can be infected...


So, you may want to go through your site and perform some basic clean-up tasks. It shouldn’t take you very long, and the result will be a site that’s more secure.


In this guide, we’ll walk you through a few steps to start cleaning up your site manually.


Step 1: Clean up your plugins and themes files

To perform this task, you may go to your WordPress dashboard and replace 1 plugin or theme at a time with the originals.


For example, to replace a plugin, please follow these steps:

  1. Download the plugin zip file from the respective sites
  2. Delete the plugin

    Important: Please do not delete a plugin/theme until you're sure you can get the originals. This is especially important for premium plugins/themes.

  3. Install plugin from the original zip file


Step 2: Enable Shield's Plugins/Themes Guard scanner

To enable this scanner, please go to Shield => Hack Guard module => and click the slider to enable Plugins/Themes Guard scanner. 


Read more about this scanner here.


Please note that you can also enable this scanner and then run the scan manually by using wizard (you'll see a button on the upper-righthand side next to the "Options"). Please see here.


Hint: This scanner is designed to detect and alert you about any changes made to your plugins/themes files after someone has gained access to them. We highly recommend you to always keep it on. 


Step 3: Clean up your WordPress Core files and folders

To perform this easy task, you can use the Shield scanners to replace core files, and remove files in your core directories that aren't WordPress files.

To do this, go to Shield => Hack Guard module and:

  1. Enable Core File scanner and "Auto Repair" option
  2. Enable Unrecognised Files scanner 

Please note that you can also enable these scanners and then run the scans manually by using wizard (you'll see a button on the upper-righthand side next to the "Options"). Please see here.


Hint: These scanners are designed to detect and alert you about any changes made to your WordPress core files. We highly recommend you to always keep them on. 


We also recommend you to read: