Manually restore infected site to a new host

I am trying to figure out the best thing to do to clean up my WordPress multisite install - I have WP Defender installed, but either I didn't have it set up correctly or I wasn't vigilant enough to keep ahead of things but short story is "malware" detected multiple times (although I don't think it ever affected frontend site operations) and my host has shut down the site until I get a third party clean up.

I am really considering moving hosts and just reinstalling WordPress and recreating the few active sites I have. I guess I wonder how feasible that option is, and what your expert recommendation is to secure my network to prevent future hacks.

How can I copy the site via FTP or cPanel and restore it on a new install with all the sub-sites

  • Huberson

    Hello Stacy,
    A possible option would be to access the site directory via cpanel or FTP, add below snippet to your .htaccess file to allow access to the site by only your specified IP.

    order deny,allow
    deny from all
    allow from <your ip>

    And request the host to put the site back online the time you perform a cleanup from the dashboard. Assuming the hosting put you online, you should be able to safely clean the site as you will be the only one having access to it.

    If the above is not possible, there's another long way to manually move to a new host which implies
    1- download your entire wordpress directory to your local computer so you can import/upload it later to the new host via FTP or cpanel - use FTP to upload files to WordPress .
    The content will usually be uploaded under a "public_html" folder and the import process is pretty much the same as the export.

    2- manually exporting the database using phpmyadmin

    3- On the new host create a new database(with same name, user, password from wp-config.php to avoid connection issues after restoring) and import the exported tables with phpmyadmin.
    An existing database can be used but all tables must be dropped/deleted and might require to update wp-config.php.

    You might also need to configure the domain on the new host to point to the directory where the old files where imported as well.

    Once the whole process complete you should be able to access the old site on the new host and perform a file scanning for the whole network, assuming the domain is the same and your database name, user and password match what in old wp-config.php.

    Regarding prevention, you can have a look at this article - WordPress Security: Tried and True Tips to Secure WordPress - for measures you can take to secure your network. And also apply the fixes suggested by Defender can help reduce the risks of infection.

    Kind regards,
    Huberson