Malware Removal Guide

Scan your site and fix it before Google blacklists it or your web host takes it down.

In this guide we will give you suggestions about how remove malware from   WordPress websites, fixing the vulnerabilities, and also include some suggestions on how to keep the sites protected in the future. Remember: doesn’t exist one click malware removal software or service available.

First of all, install our free plugin Anti Hacker and run it.

Go to Dashboard => Anti Hacker =>  Scan For Malware

Look for infected files.

If you had multiple websites in the same hosting account,  you need to go through the same process with every single website.

1. Run a backup of your whole website and download it to your local disk.

You will find free plugins on WordPress repository to do it.

2. Lock down the site(s)

Make sure to lock  down all your sites before starting the whole malware removal process.Talk with your hosting provider if necessary.

3. Change all access passwords
  • Hosting
  • SSH
  • FTP
  • MySQL
  • WP Users.
3.1 Change Database credentials:

Change the MySQL or MariaDB  password and update your wp-config.php file.

3.2 Change WordPress admin panel access:

Log into your WordPress site, navigate to Users  and Generate new passwords for all users.

Don’t have any account with Admin or Administrator username.

4. Analyse logs file

Download access logs,  ask help from your hosting provider if necessary and check that.

5. Update WordPress

Update  plugins or themes installed. Avoid plugins and themes without new versions for more then 3 WordPress versions.

6. Remove all disabled plugins and themes.

That can  reduce the risk of vulnerabilities  in the system.

7. Update your PHP version

PHP 7 makes your website run twice as fast and is also more secure.

8. Remove PHP files from uploads folder

PHP files should never be in uploads folder. Open up your FTP software like Filezilla or similar  and navigate to /wp-content/uploads/ and inspect that.

9. Revise  manually  Pages, Posts, Comments and Revisions

Delete malicious code and if needed re-format the content.

  • Search for eval(): eval()
  • Search for iFrames: <iframe
  • Search for base64: base64_decode
  • Search for scripts: <script
10. Restore public access to the website

Remove the restrictions from your website.  if you have other sites in the same hosting environment,  do the same process.

11. Keep our Anti Hacker Plugin Installed and Updated.

Think a few steps ahead. Buy our Pro version is  cheaper than spending time on  clean-ups or buying an expensive service for  malware removal.