If you have unused or abandoned WordPress sites on your server, we recommend that you delete them. We will explain the reasons for this and how to delete an abandoned site.


Do you have an abandoned WordPress site or movable-enabled site on your server that you are not using?

Many servers allow multiple sites (domains or subdomains) on the server.
This means that a server contract can contain a large number of sites, and malware can spread to all sites on the server via sites that are no longer in use and are left unattended.

We recommend that you delete any unattended sites on your server as soon as possible.

Why are abandoned sites dangerous?

Abandoned sites may have known vulnerabilities because they are no longer in use, have not been logged into the admin panel for a long time, and therefore have not been updated with WordPress or plugins.

Hackers can find such sites through Google searches, etc., which are high performance and pick up any small site, and hack them.
(Even sites with low traffic can benefit from hacking because they can be used as a springboard for spamming, hacking other sites, or installing virus programs and having them downloaded via other sites.)

Once the vulnerability is breached and the WordPress site is tampered with, hackers can spread the infection via a backdoor to folders on all domains that share a root folder within a single server subscription.

(This type of malware is more common these days, and there are more and more cases where many sites in a server are affected by defacement at once.)

Delete abandoned sites

Hackers exploit vulnerabilities in the programs of abandoned sites to tamper with the server and install programs that perform various illegal activities.

For this reason, all files in the folder for the domain of the abandoned site on the server should be backed up and emptied as necessary to prevent vulnerabilities from being exploited.

Connect to the server with FTP software such as FileZilla, select (Ctrl+A) all the contents of the folder published on the web, right-click and delete.

The stored contents of the databases used by the site are not a direct cause of hacking, but there is little point in keeping them, so there is no problem in backing them up and then deleting them.

All sites on the server are regularly scanned for malware.

If one site on a server is infected with malware, it can spread to other sites.

If a site infected with malware appears on the server, we recommend that all other sites be scanned for malware and removed, and that all sites on the server be periodically scanned for malware and vulnerabilities, even if there are no malware symptoms at this time.

Free WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal].

Related Posts:

  1. What to do if you have multiple WordPress sites on your server and find that they are infected with malware
    If you have multiple WordPress sites on your server and find that they are infected with malware, here is what to do....
  2. What to do when multiple (or all) sites on a single server are infected with malware
    We are seeing an increasing number of cases of multiple WordPress sites on multiple domains within a single server, all or many of which are infected with malware (viruses and tampering)....
  3. Spread of malware infection to WordPress sites due to neglect of old Movable Type
    Malware infection is not only a WordPress problem, but is common to all CMS. (WordPress stands out because of its overwhelming popularity, but…) There are an increasing number of cases where old Movable Type is left unattended on a server and malware infection spreads to WordPress sites from there....
  4. Reasons for repeated hacker defacement and malware infection on WordPress sites
    Once a WordPress site has been defaced by hackers, embedded malware, or infected with a virus, the site may be repeatedly defaced even after you think you have removed the malware. We will explain how to deal with such cases....
  5. Why does WordPress malware (tampering) spread to all sites in the server?
    I would like to explain why WordPress malware (tampering) spreads to all sites on the server....
  6. 5 operations that are at high risk of WordPress sites being hacked and tampered with.
    We will explain the five most dangerous ways to operate a WordPress site that can lead to it being hacked, defaced, sent to another site, or in the form of embedded malware. We hope that you will use this information as a lesson to the contrary....