Malware is a program or software that is designed to damage and destroy computers and computer systems. Nowadays, many websites are built using WordPress because it is easy to use and flexible enough to create different types of websites. Many people do not choose their theme, plugins, or WordPress hosting carefully, so it is common for a website to be compromised with WordPress malware.
Malware on websites disturbs website owners and users in a number of ways. It can produce intrusive pop-ups and advertising, link users to other malicious websites, and more.
Symptoms that show that your WordPress site contains malware or has been hacked:
- You are unable to access your admin panel.
- When you try to access the website, your browser shows warnings to you or to your visitors.
- Your website is redirecting somewhere else.
- Appearance of unwanted advertising.
You can check if your WordPress site is infected by using an online scanner such as Sucuri’s site checker. If it is infected, use the steps below to clean your WordPress website.
These steps will help you remove WordPress malware.
Step 1: Back up your website files and database.
Before doing anything, it’s important to have a backup of your website. If you don’t, you risk losing all of your files and data, so make sure your WordPress site is backed up.
Step 2: Download the latest version of WordPress.
Always download the latest version of WordPress or keep WordPress up to date.
Step 3: Clean up your infected WordPress site.
Go to the public_html directory, which contains all the WordPress files. Delete all the files except wp-content and wp-config.php.
Open the wp-config.php file and check for any unusual code here, particularly any long strings of random text. You can analyze it by comparing it with the wp-config-sample.php file in your most recent WordPress download.
If you find anything that shouldn’t be there, make a backup of your site’s wp-config.php file, then remove the unwanted code and upload the edited file back.
Open the wp-content folder next.
When you open the plugins folder, you will see a list of the plugins that you are currently using. Remove the plugins folder and the index.php file.
Open the themes folder and remove any themes you are not using. You can delete all of the themes here if you have a recent backup. If not, you must search through each file in the theme for suspicious code.
Next, go through your uploads folder and remove any files with a .php extension or any files you did not upload yourself.
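The file checks in Step 3 can be run over a downloaded copy of the site with the following added Python example, which is not part of the original article. It reports .php files under wp-content/uploads and lines in wp-config.php and theme files that contain long unbroken strings; the name scan_site and the 120-character threshold are assumptions chosen for illustration.

```python
import re
from pathlib import Path

# Assumption: a run this long of base64-style characters deserves a manual look.
# WordPress's own keys and salts in wp-config.php are 64 characters, so the
# threshold sits well above that to avoid flagging them.
LONG_RUN = re.compile(r"[A-Za-z0-9+/=]{120,}")


def scan_site(root):
    """Return sorted (relative_path, reason) findings for a WordPress root."""
    root = Path(root)
    findings = []

    # Step 3: uploads should hold media only, so report every .php file there.
    uploads = root / "wp-content" / "uploads"
    if uploads.is_dir():
        for path in uploads.rglob("*"):
            if path.is_file() and path.suffix.lower() == ".php":
                findings.append((path.relative_to(root).as_posix(), "php-in-uploads"))

    # wp-config.php and theme files: report lines holding long opaque strings.
    candidates = [root / "wp-config.php"]
    themes = root / "wp-content" / "themes"
    if themes.is_dir():
        candidates += themes.rglob("*.php")
    for path in candidates:
        if not path.is_file():
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        for number, line in enumerate(text.splitlines(), start=1):
            if LONG_RUN.search(line):
                findings.append((path.relative_to(root).as_posix(), f"long-string:line-{number}"))
    return sorted(findings)


if __name__ == "__main__":
    import sys
    for rel_path, reason in scan_site(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{reason}\t{rel_path}")
```

The script only reads files, so each reported path or line still needs a manual review against a clean WordPress download before anything is deleted.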
Step 4: Re-upload WordPress files.
Upload the WordPress files that you have downloaded and upload the themes. Don’t overwrite the wp-config.php file.
Step 5: Update your WordPress login.
You should be able to log in to your site’s dashboard at this point. To update the admin password, log in and change the password. Delete any extra users. Always use a secure password generator.
Step 6: Install your plugins.
The plugins you previously deleted need to be re-installed. Do so one at a time, checking that your website is still operational after each addition.
Step 7: Clear the Google warning.
At this step, your WordPress site should be free from malicious code. Now it’s time to remove the URL of your website from the Google blacklist. To do this, follow the guide How to Fix Deceptive Site Ahead Warning. The request for blacklist removal from Google may take a few days.
Additional things you should consider to make your WordPress website secure.
Use WordPress Malware Removal Plugins.
There are plenty of WordPress malware removal plugins available, and you can choose any one of them. They are fully customizable and easy to configure.
- Astra Security Plugin
- Sucuri WordPress Security Plugin
- WebARX Security
- Hide My WP
Make Sure Your Website Is Frequently Backed Up.
Limit Password Attempts.
Choose a Reliable Web Host.
A web host plays a big role in keeping your website safe. Most attacks come through a security vulnerability on the hosting platform. To prevent such WordPress malware attacks, choose web hosting providers that follow industry practices.