How to Remove Malware From Your WordPress Site.WordPress is one of the most popular website management systems used all over the world. According to W3Techs, 34% of all websites on the Internet are powered by it. The popularity of WordPress is due in part to the sheer number of plugins and templates available that allow you to do just about anything on your website.
This broad feature set also has vulnerabilities. Hackers can often gain access to code and infect WordPress sites with malware in the same way they can install malware on a router.
Malware can infect and destroy your site, so it’s important to act quickly to remove malware from your WordPress site.
Contact your web host first
Before attempting any of the suggestions below, please contact your hosting company first. It is possible that the host server, especially if you are on a shared server, is distributing malicious code from another site to yours.
Ask them to scan their server to make sure it is not at fault before attempting to remove malware from your own site. In addition, they can make suggestions to less technical website owners on how to safely scan and remove malware from their sites.
Some hosts may also offer services where they will remove it for you. And then back up your site, reducing the risk of malware getting backed up.
Web hosts have the experience, tools and capabilities to deal with malware, so check with them first before trying to do it yourself.
It’s always best to try to prevent threats before they happen. The most important action users should take is to make sure they always use the latest and most stable version of WordPress, even if they only install the test version on their computer.
Newer versions are usually released to fix common vulnerabilities found in previous versions. It’s the same with plugins and themes. Keep them up to date and delete the ones you don’t use.
Some of the many negative issues that malware can cause on a WordPress site include:
- Internet and MySQL server resource usage.
- Unwanted ads.
- Bulk spam.
- Theft of personal data of customers and users.
- Loss of information from your site.
- Google Penalties.
What if your site is infected or hacked? In this article, we’ll show you how to remove malware from your WordPress site.
Use plugins to remove WordPress malware
If you can log in and access your WP admin area, you might not have to reload your entire site. Using the right WordPress plugin can help remove malware from your WordPress site.
MalCare is a premium plugin that will instantly remove malware from your WP installation. It will not only clear a compromised site, but also protect against future security breaches.
One of the many benefits of MalCare is that it crawls your site on its own servers. Your site will not be under pressure on its resources and will continue to work smoothly.
There are four pricing tiers, from $ 99 per year for a single site (personal) to the Custom Agency Plus plan for over 20 sites.
Malcare is a comprehensive WP security plugin that includes many advanced features such as:
- real-time email alerts.
- Tracking small file changes.
- Minimizing false positives.
WordFence < / Strong>
WordFence is one of the most used WP security plugins. It includes a malware scanner and endpoint firewall.
The free version of WordFence is powerful enough for small websites, from protecting against brute force attacks to blocking a firewall.
If you need additional features such as two-factor authentication, password leak protection, and advanced manual blocking, you can purchase a premium license. The price depends on the number of licenses purchased, starting at $ 99 per license.
All in One WP: Security & Firewall
One of the most popular free security plugins is All in One WP Security & Firewall. It provides a simple visual interface using indicators and charts.
The plugin is intended for beginners and more experienced developers and is divided into three categories: basic, intermediate, and advanced.
All in One WP Security will protect websites as follows:
- Securing your files and databases.
- Enhanced security of user registration.
- Blocking forced login attempts.
Additional features include the ability to back up .wp-config and .htaccess files. Users can also recover these files if something goes wrong on their site.
For a complete list of all WordPress security plugins visit WordPress.org. If you are unable to log in, you may have to reinstall the entire site.
If you are tech savvy and run the site on your own server, please carefully follow the instructions below.
Keep in mind that backing up your website and deleting it can be dangerous and should only be undertaken by high-tech website owners.
Backup your database and all files
If you are infected and need to remove malware from your WordPress site, it is important to immediately protect your content. Before doing anything, make a full backup of your WordPress site so you can restore it if something goes wrong.
Be sure to back up a clean version of your MySQL database and FTP account. There are several ways to back up your site, including through cPanel, phpMyAdmin, and WordPress plugins (like Vaultpress).
All WordPress users are strongly encouraged to make regular backups of their website. The following steps describe how to manually remove malware from your WordPress site.
Step 1. Examine your files
Step 1: Check your files
Once you’ve backed up your entire WP site, download the backup zip file to your computer. Open it by double clicking on it with the left mouse button. You should see the following files:
- All core WordPress files.
- .htaccess: This is a hidden file. and includes the name, username and password for your WordPress database. To make sure you backed up this file, use a code editing application or FTP program that allows you to view hidden files. Be sure to check the “Show hidden files” box.
- The wp-content folder containing themes, plugins and downloads.
- SQL Database.
Step 2. Delete all files and folders from the Public_html folder
Step 2: Delete all files and folders from Public_html
When you are sure that you have a complete backup of your site, go to your hosting’s file manager.
Find the public_html folder and delete its contents except the wp-config.php, wp-content and cgi-bin folders.
Make sure you are viewing invisible files, including .htaccess, as they could be compromised.
If you host multiple sites, you should assume that they have also been compromised as cross-contamination is common. Follow the same process for all sites hosted on the same server.
Open the wp-config.php file and compare it with the sample wp-config file. You can find this file in the WP GitHub repository.
Also review your file to see if anything looks suspicious, such as long lines of code. If you are sure that something should not be there, delete it.
Now go to the wp-content directory and:
- List all the plugins you have installed and then uninstall them.
- Remove all themes, including the one you are using. You will reinstall it later.
- Check your downloads folder to see if there is anything in it that you didn’t put there.
- Remove index.php after you remove all plugins.
Step 3. Install a clean WordPress version
Step 3: Install a clean version of WordPress
Go to your web host’s control panel and reinstall WordPress to the same directory of the original location.
This will be either the public_html directory, or a subdirectory if you’ve installed WordPress on an additional domain. Use the one-click installer or QuickInstall (depending on your hosting company) from your web hosting control panel.
Unzip the tar or zipped file and upload the files to your server. You will need to create a new wp-config.php file and enter the details from your site backup. You only need to enter the database name, password and prefix.
Step 4. Reset permalinks and passwords
Step 4: Reset Hard Links and Passwords
Login to your WP site and reset all usernames and passwords. If there are unidentified users, it means that your database has been hacked.
You can hire a professional to clean your database of malicious code.
To reset permalinks, go to Settings> Permalinks and then Save Changes. This process will restore the .htaccess file and fix your site urls to make them work. Also, reset all hosting accounts and FTP passwords.
Step 5. Reinstall theme and plugins
Step 5: Reinstall the theme and plugins
Don’t install old versions of your theme or plugins. Instead, download the new files from the WordPress repository or from the premium plugin developer site. Don’t use plugins that are no longer supported.
If you have customizations from the old site theme, review the backup files you downloaded to your computer and reproduce the changes in the new copy.
Step 6. Scan and re-download images and documents from the backup
Step 6: Erase your photos and documents from the backup and reload them
This step can be tedious, but necessary. Review your images and uploaded files carefully before copying them back into the new wp-content> uploads folder in your file manager.
Use the latest antivirus software to check all files for infection. Upload the clean files back to your server using an FTP client or file manager. Keep the folder structure the same so that there are no broken links.
Step 7. Notify Google
Step Seven: Notify Google
If you find out that your site has been hacked due to a warning from Google, you must inform them that you have removed the malware so that they can close the notification on your account.
Go to Google Search Console and sign in if you already have an account. If you don’t, register your site.
Find the “Safety and Manual” section in the left navigation pane. Click the drop-down list and select Security Issues.
Here you will see your site’s security report. Select “Request a Review” and submit it to Google.