Google Safe Browsing
Anyone ever been marked as unsafe? Apparently my server has been hacked. I went to check in this afternoon and a big red screen pops up "Deceptive Site Ahead."
After clicking through some links and signing into Google search panel, I was able to find some nasty malware in the plugins directory of my WordPress installation. Further checking around showed me more malware hidden in each of my domains' public directories, disguised with names like "about.php," "wp-editor," "send.php," "wp-l0gin.php," and some other randomly generated wp- files and folders.
I checked the access logs and it doesn't appear that anyone has logged into my server besides me. My general feeling is that the intrusion is a result of the recent WordPress upgrade to 6.4, since the upgrade and intrusion happened around the same time, and the malware was placed inside of WordPress and creates files to mimic WordPress.
I'm sad to report that the affected site is protected by Wordfence, so I'll be seeking other security options.
At this point I'm watching very closely to see if there are any signs of malware reappearing, but I'm thinking about reinstalling everything just to be on the safe side. I have backups. Slightly dated, so I'll lose a little work but not too much. Probably safer that the backups are a bit old, since it's less likely they'll be contaminated by any new exploits.
After a site has been placed on Google's Safe Browsing advisory list and marked as deceptive, how long and how much effort will it take to get that status removed?
Will deleting the offensive files be enough to earn a good reputation or should I just go ahead and reinstall?
Is it even worth the headache trying to deal with it or should I just move on and mark the domain as a loss?
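The check below is an added example and not part of the original post: it lists entries in a WordPress document root that core does not ship, which is where the lookalike names quoted above ("about.php", "wp-editor", "send.php", "wp-l0gin.php") would show up, plus PHP files under the uploads directory. The function names, the sample tree and the `cache.php` file are constructed for illustration; a hit is a lead for manual review, not proof of compromise.

```python
import os
import sys
import tempfile

# Top-level files and directories shipped by WordPress core.
CORE_ROOT = {
    "index.php", "wp-activate.php", "wp-blog-header.php", "wp-comments-post.php",
    "wp-config.php", "wp-config-sample.php", "wp-cron.php", "wp-links-opml.php",
    "wp-load.php", "wp-login.php", "wp-mail.php", "wp-settings.php",
    "wp-signup.php", "wp-trackback.php", "xmlrpc.php",
    "wp-admin", "wp-content", "wp-includes",
}

def find_suspect_files(docroot):
    """Return sorted (relative_path, reason) pairs worth a manual look."""
    hits = []
    for name in os.listdir(docroot):
        if name in CORE_ROOT:
            continue
        if name.lower().startswith("wp-"):
            hits.append((name, "wp- name in site root that core does not ship"))
        elif name.lower().endswith(".php"):
            hits.append((name, "non-core PHP file in site root"))
    # Uploads should hold media only; os.walk yields nothing if the path is absent.
    uploads = os.path.join(docroot, "wp-content", "uploads")
    for folder, _dirs, files in os.walk(uploads):
        for name in files:
            if name.lower().endswith((".php", ".phtml", ".phar")):
                rel = os.path.relpath(os.path.join(folder, name), docroot)
                hits.append((rel.replace(os.sep, "/"), "executable PHP under uploads"))
    return sorted(hits)

def build_sample_tree(root):
    """Constructed sample docroot: core names plus the file names from the post."""
    for d in ("wp-admin", "wp-includes", "wp-content/uploads/2023/11", "wp-editor"):
        os.makedirs(os.path.join(root, d))
    for f in ("index.php", "wp-login.php", "wp-config.php", "about.php",
              "send.php", "wp-l0gin.php", "wp-content/uploads/2023/11/logo.png",
              "wp-content/uploads/2023/11/cache.php"):
        open(os.path.join(root, f), "w").close()

if __name__ == "__main__":
    # Pass a real document root as the first argument, or run on the sample tree.
    root = sys.argv[1] if len(sys.argv) > 1 else tempfile.mkdtemp()
    if len(sys.argv) == 1:
        build_sample_tree(root)
    for path, reason in find_suspect_files(root):
        print(f"{path}: {reason}")
```

This only looks at names in the site root and the uploads directory, so it will not catch malicious code added to existing core, theme or plugin files; comparing those against known-good copies (for example with WP-CLI's `wp core verify-checksums`) covers that case.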