It really all depends on how much media you uploaded and whether or not WordPress was also creating additional sizes for them.
How many files do you have in /wp-content/uploads/?
I checked the folder you mentioned and yes you are right 14K files are just from that folder…. and yes wordpress created a lot of different size photos for the photos i uploaded. why so much different sizes? can I get rid of most of them?
and the remaining 5K files seems normal number right?
Hmm that still doesn’t sound right.
WordPress doesn’t have nearly as many core files. You can compare to a fresh download from https://ww.wp.xz.cn/download/
What are some of the additional files, how did you create this backup of your site, and file-wise how does it compare to the last known pre-hack backup?
I had checked the original wp file count which is close to 3k.
I now checked the plugins folder and there are 2 K there. so then all add up…
but regardless, if I were to manually search for malicious files where would they be and for what?
hacks were years ago. wordfence is also already installed since several years. and it says site is good.
i still have some bad stuff in my database though i know it. but my site works fine. can that spam code in my database be doing something without me knowing? can it be something wordfence is not seeing?
If all of the files add up and compare to a pre-hack download, then you’re good to go.
To be sure though, carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.
