So you’ve just discovered that your WordPress site has been taken over by something malicious, maybe even *diabolical*. That’s what happened to me. One day my beautiful site was buzzing along; the next, every file had creepy names ending in __bdcc135. Yes, I was hacked. Big disappointment. But don’t panic: I was still able to tell the story. And I’m going to show you exactly how I cleaned it up and came out the other side with a fresh, brand new site.
TL; DR
My WordPress site was hit by malware that renamed all files with a stranger __bdcc135 suffix. I completely wiped everything, reinstalled WordPress and restored my content from a backup. It wasn’t fun, but it was definitely doable. Here’s how I did it with just a touch of technical knowledge and lots of coffee.
Step 1: Realizing that something was seriously wrong
I opened my browser to check my site and boom: white screen. The dreaded WSOD (White Screen of Death). I logged into my hosting account and looked at my file manager. My themes, plugins and even core WP files have been renamed with __bdcc135 at the end. It looked like a haunted house in code form.
Normally your WordPress files have neat names, such as index.php. Mine said things like index.php__bdcc135. Spooky things. I tried accessing wp-admin but no dice. That malware had eaten everything.
Step 2: Don’t Panic: Back up what you can
Even though the site was a total mess, I knew there were still valuable things hidden inside, like my media uploads and maybe even my database. The first thing I did:
- Logged into my hosting control panel
- Start phpMyAdmin
- Exported the entire WordPress database
This was like saving the brains of the site. Still works and still contains valuable posts, pages and plugin settings.
Then I grabbed mine wp-content/uploads folder. This had all my images. Good thing: the malware hadn’t reached that directory… yet.
Step 3: Destroy it from orbit (it’s the only way to be sure)
Once I had my backups, it was time to burn everything. Serious. That malware had infected every core file, theme, plugin, you name it. There was no point in fixing it. This is what I did:
- Deleted every single file in the WordPress folder
- Removed all plugins and themes
- File permissions checked for anything suspicious
Basically, if it was a file or folder on the server, it had to disappear. Everything. It felt… cleansing.
Step 4: Reinstall WordPress (The Fresh Start)
This is the fun part. It’s like wiping the slate clean. Reinstalling WordPress felt like moving into a new apartment after your old one was overrun by virtual raccoons.
Reinstall:
- The latest WordPress ZIP downloaded from wordpress.org
- I uploaded it to my server via FTP
- Unpacked and removed wp-content folder (we use the old one!)
- Edited wp-config.php with my old database details
Tree. My site structure was back: clean, malware-free and faster than ever.
Step 5: Scan everything before using it again
Before restoring any of my backup files, I wanted to make sure they were clean. There’s no point in putting a virus back into your shiny new WordPress installation.
- All media files run through an antivirus and malware scanner
- Database checked for suspicious code injection (such as base64 or eval instructions)
- Manually reviewed anything that looked sketchy
Once I was satisfied that everything was clean, I restored the car uploads folder. As for the plugins and themes, I re-downloaded them all instead of using old ones.
Step 6: Secure things like a pro
Now that the bad guys were booted up, it was time to make sure they couldn’t just waltz back in. I changed my humble site to Fort Knox:
- Installed a top-rated security plugin (such as Wordfence or Sucuri)
- Limited login attempts
- All passwords changed: admin, FTP, database, everything
- Added two-factor authentication (2FA).
- Tightened file permissions
I also enabled automatic core updates. Why? Because sometimes vulnerabilities exist in WordPress and it’s easy to fall behind.
Step 7: Check Google and other blacklists
Even though the site was now spotless, I had to be sure it wasn’t considered dangerous out there in the wild. I checked Google’s Safe Browsing site and luckily I wasn’t blacklisted. If so, you can request a review once your site has been cleaned up.
Also submitted my new site to:
- Google Search Console
- Bing Webmaster Tools
This helped re-index my site and reset my internet reputation from “scary cyberzone” to “friendly neighborhood blog.”
Final Thoughts: Lessons learned the hard way
This whole ordeal has taught me a few things:
- Always back up regularly: you never know when disaster will strike
- Keep WordPress Up to Date – Seriously, stop ignoring that update button
- Use a security plugin: prevention is much better than cleanup
- Do not reuse passwords. Hackers love it when you do that
Resetting my WordPress site wasn’t how I wanted to spend my weekend, but honestly, it turned out to be a blessing in disguise. My site is now faster, more secure and neater. Plus, I have a reputation for being that one friend who *actually* knows how to fix websites.
If it happens to you…
If you ever find yourself staring at a broken WordPress site, filled with weird files like __bdcc135don’t panic. Follow the steps. Back up what’s important. Wipe away the rot. Start again. You got this!
Thanks for following us, and remember: if you’re unsure: Destroy it from orbit and rebuild smarter.
Where should we steer?
Your WordPress deals and discounts?
Subscribe to our newsletter and receive your first deal straight to your email inbox.
#reset #WordPress #site #malware #infection #replaced #files #suffixes #__bdcc135 #Newsify