How to Remove Malware from Your WordPress Site
When running and managing a website, security is a must. Hackers often attack people’s sites from all over the web, some using malware as a means to do it. If you’ve been looking for a guide to get rid of any malware from your site, this is the blog for you! Below we will share six steps to take in order to keep your WordPress site clean and free from malware.
Step 1: Back up your WordPress site and database.
To begin it is very important that you always backup your WordPress site before cleaning it up. This is to ensure that even if something goes wrong while resetting configuration, themes, or plugins during the cleanup process, you will have an existing backup to help you recover your website in no time.
Having a good backup process in place is important as it will help you remember to take regular site backups on a defined frequency. This will ensure that in the event of malware or any other security attack, you can always roll back to the backup copy, which saves you time and money.
There are many plugins to backup WordPress sites like JetPack Backups, BackupBuddy, UpdraftPlus.Here are a few good reads to guide you through the WordPress backup process:
- Backing up your WordPress site
- How to manage WordPress backups with Jetpack
- How to manage backups using cPanel
- How to install and configure the UpdraftPlus plugin
- How to back up a Softaculous-installed application to Google Drive
Step 2: Scan your WordPress site and database.
Next, you should run a full scan of all the files on your site. This will help you to identify which of your files are infected because in some cases this process might not call for a total site removal.
If you are the administrator or have backend access to your site, use WordPress Plugins to scan the site for malware. Read the following articles to learn how to perform virus or malware scanning for your WordPress site:
- How to Immunify to scan websites for malware
- How to use Virus Scanner in cPanel
- How to use Patchman for free vulnerability and malware scans
Alternatively, you can scan your WordPress site for malware with Sucuri Sitecheck.
Step 3: Remove or fix the infected WordPress files and database.
Once you have a list of the infected files, remove them using Filezilla, FTP or cPanel file manager or editor. Use PHPMyAdmin to remove the infections on the WordPress database. Read this article to get a step-by-step guide on how to remove malicious files after a hack on your site: How to repair and secure a hacked site.
Step 4: Close the vulnerability.
Next, check all relevant PHP files on possibilities for backdoor entrance. Here are some of the PHP functions in theme files, plugins folders or other directories commonly used by hackers:
- base64
- eval
- preg_replace (with /e/)
- exec
- str_rot13
- stripslashes
- gzuncompress
- system
- move_uploaded_file
- assert
Step 5: Secure your WordPress installation.
Once all infected entities are removed or cleaned, take the following steps to secure your WordPress Installation:
- Check user roles and permissions via PHPMyAdmin. Remove all unknown administrators and change default permissions or user names. It is recommended to change all passwords after a malware attack to prevent future security issues.
- Remove any unused or old plugins
- Update all used plugin versions
- Install a free or premium version of a security plugin.
Step 6: Let the search engines know.
If your site has been blacklisted or marked as infected by Google, submit a request to google by Search Console to remove warnings from search engines.
Bonus Step 7: Malware removal services
Although there are only six steps to remove the malware, it can be an overwhelming task if you are trying to sort out your business and handle malware simultaneously. At A2 Hosting, we offer removal plans powered by Sucuri for quick, hands-free and affordable ways to fix and prevent future attacks. Contact A2 Hosting to understand the available malware plans and add Sucuri to protect your WordPress site fully.