Upgrades to WordPress are important to keep hackers from destroying your site and your index status on Google Search. After upgrading to WordPress 3.5 there were some preexisting files that should also be deleted. These now unused files can be hijacked by hackers to damage your site. It is best to delete or move these files from your WP directories.
An automated WP upgrade makes life much easier for everyone, newby or expert. The upgrade process will add new files and replace existing files. It cannot, however, delete previous WP version files the new version no longer uses. This gives hackers the opportunity to exploit the upgrade process by using these unnecessary old files and infect your newly upgraded WP site. Who would suspect that a WP file from the previous version would be infected, especially after a fresh upgrade? Removing these old files should not affect your new WP installation because if the new WP needed the file it would have been included in the upgrade. Extra files can be used to damage your site by the insidious Pharma Hack bug.
To find out if your WP installation has any unnecessary files, download a WP copy to your hard disk and expand it. Do not install it. Then use a program like Filezilla to compare, directory by directory, your installation. Filezilla has a ctrl-O feature that will highlight any differences it finds, such as extra files. You do need to do every directory and subdirectory. Alternately to the ctrl-O is that you can compare the number of files and their total size. If these are exactly the same, then you are safe. This directory comparison does take a long time, but it guarantees your WP installation is Ok, with no extra files.
Here are the unnecessary files I found when I upgraded to WordPress 3.5:
You should be able to leave unnecessary graphics files, as they seem to be pretty benign but remove the .php, .js and other executable files. Hackers can inject code into these files and run them.
The alternative to all this file comparisons after upgrade is to delete your WP installation and then reinstall. The risk here is that you might unknowingly delete necessary files, which you would have to recreate. I would rather not take this risk.
Good luck, and a Pharma Hack pox on your enemies.
Leave a Reply