Yeah I browsed though my WP folder and noticed some malicious files that were php backdoor files. There were several of them. I rolled everything back to a clean state except the database. Reset all important passwords just in case and installed Wordfence and a activity logger to hopefully catch this faster next time, which is causing it’s own issue but I’ll deal with that later.
I didn’t roll back my database because there’s a lot of data I can’t really loose. Do y’all think it’s something I should look though. Would a hacker have made changes to the database? Should I change the database password?
Also what’s the best way to start narrowing down which part of my site was infuriated.
