SESPIM LEMDIKLAT POLRI – WordPress Security Recovery

Key Features

• 01Full manual PHP audit across all WordPress directories to identify injected backdoor files
• 02Removal of 13 malware files and 2 modified WordPress core files
• 03Elimination of 6 SEO-poisoning spam posts injected by the attacker
• 04Admin access restoration via direct database intervention
• 05Wordfence Security deployment with hardened firewall and login protection rules
• 06UpdraftPlus backup system configuration with off-site storage
• 07Formal incident report (Bahasa Indonesia) documenting attack scope and remediation steps
• 08Ongoing maintenance retainer recommendation with Reguler and Premium package options

Project Details

SESPIM LEMDIKLAT POLRI is the official staff and leadership school of the Indonesian National Police (Polri), operating under LEMDIKLAT POLRI — the institution responsible for all Polri education and training programs. Their WordPress website had been compromised for approximately three years without detection, with malware silently embedded across core files and the wp-content directory. The breach manifested as a complete admin lockout, with the attacker having modified authentication logic, injected spam SEO posts targeting unrelated keywords, and planted 13 backdoor files across the installation. The institution had no recent backup and no security tooling in place. I performed a full emergency recovery under Aksara Karya Digital: auditing all PHP files manually, removing 13 malware files and 2 modified WordPress core files, purging 6 spam posts, restoring admin access, and deploying Wordfence with hardened configuration. The site was returned to full operation in under 24 hours. Following recovery, I delivered a formal incident report in Indonesian documenting the attack vector, all changes made, and a tiered maintenance retainer proposal to prevent recurrence.