How I Reset My WordPress Site After a Malware Infection That Replaced All Files With “__bdcc135” Suffixes
So, you’ve just discovered your WordPress site’s been taken over by something evil—maybe even *diabolical*. That’s what happened to me. One day, my lovely site was humming along; the next, every file had creepy names ending in __bdcc135. Yup, I’d been hacked. Major bummer. But don’t panic—I lived to tell the tale. And I’m going to walk you through exactly how I cleaned it up and came out the other side with a fresh, brand-new site.
TL;DR
My WordPress site got hit by malware that renamed all the files with a strange __bdcc135 suffix. I completely wiped everything, reinstalled WordPress, and restored my content from backup. It wasn’t fun, but it was totally doable. Here’s how I did it with just a dash of tech know-how and a lot of coffee.
Step 1: Realizing Something Was Seriously Wrong
I opened my browser to check my site, and boom—white screen. The dreaded WSOD (White Screen of Death). I logged into my hosting account and looked at my file manager. My themes, plugins, and even core WP files were renamed with __bdcc135 at the end. It looked like a haunted house in code form.
Normally, your WordPress files have tidy names like index.php. Mine said things like index.php__bdcc135. Spooky stuff. I tried to access wp-admin, but no dice. That malware had eaten everything.
Step 2: Don’t Panic—Backup What You Can
Even though the site was a total mess, I knew there were still some valuable things buried in there—like my media uploads and maybe even my database. First thing I did:
- Logged into my hosting control panel
- Fired up phpMyAdmin
- Exported the entire WordPress database
This was like saving the brain of the site. Still functioning, still containing precious posts, pages, and plugin settings.
Then I grabbed my wp-content/uploads folder. This had all my images. Lucky me—the malware hadn’t touched that directory… yet.
Step 3: Nuke It From Orbit (It’s the Only Way to Be Sure)
Once I had my backups, it was time to burn it all down. Seriously. That malware had infected every core file, theme, plugin—you name it. There was no sense trying to repair it. Here’s what I did:
- Deleted every single file in the WordPress directory
- Removed all plugins and themes
- Checked file permissions for anything suspicious
Basically, if it was a file or folder on the server, it had to go. Everything. It felt… cleansing.
Step 4: Reinstall WordPress (The Fresh Start)
This is the fun part. It’s like wiping the slate clean. Installing WordPress again from scratch felt like moving into a new apartment after your old one was overrun by virtual raccoons.
To reinstall:
- Downloaded the latest WordPress ZIP from wordpress.org
- Uploaded it to my server via FTP
- Unzipped it and deleted the wp-content folder (we’ll be using the old one!)
- Edited wp-config.php with my old database credentials
Boom. My site structure was back—clean, malware-free, and faster than ever.
Step 5: Scan Everything Before Reusing It
Before pushing back any of my backed-up files, I wanted to make sure they were clean. No sense putting a virus back into your shiny new WordPress setup.
- Ran all media files through an antivirus and malware scanner
- Checked database for any suspicious code injection (like base64 or eval statements)
- Manually reviewed anything that looked sketchy
Once I was convinced everything was clean, I restored the uploads folder. As for plugins and themes, I redownloaded each one freshly instead of using old copies.
Step 6: Secure Things Like a Pro
Now that the bad guys had been booted, it was time to make sure they couldn’t just waltz back in again. I turned my humble site into Fort Knox:
- Installed a top-rated security plugin (like Wordfence or Sucuri)
- Limited login attempts
- Changed all passwords—admin, FTP, database, everything
- Added two-factor authentication (2FA)
- Hardened file permissions
I also enabled automatic core updates. Why? Because vulnerabilities show up in WordPress sometimes, and it’s easy to fall behind.
Step 7: Check Google and Other Blacklists
Even though the site was squeaky clean now, I had to be sure it wasn’t being flagged as dangerous out there in the wild. I checked Google’s Safe Browsing site, and luckily, I wasn’t blacklisted—but if you are, you can request a review once your site’s cleaned up.
Also submitted my new site to:
- Google Search Console
- Bing Webmaster Tools
This helped re-index my site and reset my internet reputation from “scary cyber zone” to “friendly neighborhood blog.”
Final Thoughts: Lessons Learned the Hard Way
This whole ordeal taught me a few things:
- Always back up regularly—You never know when disaster will strike
- Keep WordPress up to date—Seriously, stop ignoring that update button
- Use a security plugin—Prevention is far better than cleanup
- Don’t reuse passwords—Hackers love when you do
Resetting my WordPress site wasn’t how I planned to spend my weekend, but honestly, it turned into a blessing in disguise. My site is faster, safer, and tidier now. Plus, I got street cred as that one friend who *actually* knows how to fix websites.
If It Happens to You…
If you ever find yourself staring at a broken WordPress site filled with weird files like __bdcc135, don’t freak out. Follow the steps. Back up what matters. Wipe out the rot. Start fresh. You got this!
Thanks for following along, and remember—when in doubt, nuke it from orbit and rebuild smarter.
- How I Reset My WordPress Site After a Malware Infection That Replaced All Files With “__bdcc135” Suffixes - November 13, 2025
- The Unexpected Conflict Between W3 Total Cache and Cloudflare Page Rules That Dropped My PageSpeed Score Overnight - November 13, 2025
- How Wordfence Locked Me Out After a Brutal Brute Force Attack and the Emergency FTP Bypass That Restored Access - November 12, 2025
Where Should We Send
Your WordPress Deals & Discounts?
Subscribe to Our Newsletter and Get Your First Deal Delivered Instant to Your Email Inbox.
