Scan your site and fix it before Google blacklists it or your web host takes it down.
In this guide we will give you suggestions about how remove malware from WordPress websites, fixing the vulnerabilities, and also include some suggestions on how to keep the sites protected in the future. Remember: doesn’t exist one click malware removal software or service available.
First of all, install our free plugin Anti Hacker and run it.
Go to Dashboard => Anti Hacker => Scan For Malware
Look for infected files.
If you had multiple websites in the same hosting account, you need to go through the same process with every single website.
1. Run a backup of your whole website and download it to your local disk.
You will find free plugins on WordPress repository to do it.
2. Lock down the site(s)
Make sure to lock down all your sites before starting the whole malware removal process.Talk with your hosting provider if necessary.
3. Change all access passwords
- Hosting
- SSH
- FTP
- MySQL
- WP Users.
3.1 Change Database credentials:
Change the MySQL or MariaDB password and update your wp-config.php file.
3.2 Change WordPress admin panel access:
Log into your WordPress site, navigate to Users and Generate new passwords for all users.
Don’t have any account with Admin or Administrator username.
4. Analyse logs file
Download access logs, ask help from your hosting provider if necessary and check that.
5. Update WordPress
Update plugins or themes installed. Avoid plugins and themes without new versions for more then 3 WordPress versions.
6. Remove all disabled plugins and themes.
That can reduce the risk of vulnerabilities in the system.
7. Update your PHP version
PHP 7 makes your website run twice as fast and is also more secure.
8. Remove PHP files from uploads folder
PHP files should never be in uploads folder. Open up your FTP software like Filezilla or similar and navigate to /wp-content/uploads/ and inspect that.
9. Revise manually Pages, Posts, Comments and Revisions
Delete malicious code and if needed re-format the content.
- Search for eval():
eval()
- Search for iFrames:
<iframe
- Search for base64:
base64_decode
- Search for scripts:
<script
10. Restore public access to the website
Remove the restrictions from your website. if you have other sites in the same hosting environment, do the same process.
11. Keep our Anti Hacker Plugin Installed and Updated.
Think a few steps ahead. Buy our Pro version is cheaper than spending time on clean-ups or buying an expensive service for malware removal.