Remove Malware from Your WordPress Site

How to Remove Malware from WordPress Site?

Malware stands for malicious software, which are harmful programs and files that can compromise a system. There’s nothing worse when you are running a business online than finding out your website is full of malware. It can damage computers, servers, networks, and websites. So it’s important to act quickly to remove malware from your WordPress site. In this article, you’ll learn what malware can do and 7 steps to remove malware from a WordPress site.

What Malware Can Do on Your WordPress Site?

Here are some of the risks posed by malware:

  • Make Unwanted changes to your site, whether something is added or removed without your permission.
  • Compromised sensitive data, like users’ private information.
  • Redirected users to untrustworthy websites promoting scams, inappropriate content, or malicious ads.
  • Damage Your Search Engine Optimization (SEO).
  • Google keeps track of sites with malicious files. As a result, hundreds of thousands of sites are blacklisted every day. Your site could be one of them.

7 Steps to Remove Malware from Your WordPress Site:

Here are the steps to check and clean malware from your WordPress site.

Step-1: Scan Your WordPress Site

 The first and foremost task for removing malware is to scan the website. You can also scan the site manually but reviewing thousands of files can be very time-consuming. This is where WordPress plugins and other third-party software can help you. Some WordPress plugins offer only scanning for the site or its specific parts, while others can also include malware removal and additional security features. Sucuri, WordFence,  All in One WP Security & Firewall, Anti-Malware Security are some popular plugins for scanning malware.

After completing scanning, you’ll get some points for your website. So you can determine what you should do next.

If you have multiple WordPress sites on the same server, we recommend scanning them all. Cross-site contamination is one of the leading causes of reinfections. We encourage every website owner to isolate their hosting and web accounts.

Step- 2: Back-up Your WordPress Site

Before doing anything, make a complete backup of your WordPress site so you can restore it in case anything goes wrong. There are two ways to do this, depending on whether or not you’re locked out of your site.

First, if you don’t have access to your site then follow the instructions:

File manager: click on the public_html directory, and select compress. Then right-click on the archive and download it to save it on your computer.

File transfer protocol (FTP): Firstly you need to download and install an FTP client on your computer. Some of the most popular FTP clients that you can install are FileZilla (Windows, Mac, Linux | Free), WinSCP (Windows | Free), and Cyberduck (Mac | Free). Connect your website with the FTP client using your FTP login credentials. Then download the folder using the same method as used above.

Secondly, if you still have access to your site, you can use plugins such as UpdraftPlus, Backup Buddy, or VaultPress to save time.

Step3: Delete All the Files in the public_html Folder

When you are sure you have a complete backup of your website, find the public_html folder then remove it’s every file and folder except for wp-config.php, cgi-bin, and wp-content.

Now navigate to the wp-content directory and follow these steps:

  • Make a list of all your installed plugins, and delete the subfolder. Later you can download & re-install them again.
  • Remove everything except your current theme and check for unusual code.
  • Look in your uploads folder to see if there is anything in it that you didn’t put there.
  • After you’ve removed the plugins, delete the index.php file.

Step-4: Reinstall WordPress

It’s time to download a fresh WordPress version for your website. A zip file will be saved on your computer, go to your file manager, click upload files, and select the downloaded zip file. After the uploading, right-click or select the extract button. And then enter a name for the directory. And lastly, copy everything else along with the zip file or in the public_html directory if this was the original location.

Don’t re-upload your old wp-config.php file as the new one will have new login encryption salts and will be free from any compromised code.

Edit the wp-config.php file on the new installation of WordPress, to use the database credentials from your former site. This will connect the new WordPress to your old database.

Step-5: Reinstall Plugins and Theme

Reinstall all your plugins and themes from the WordPress repository or fresh downloads from the developer. Exclude themes and plugins that are outdated and no longer maintained.

 If you have customizations from your old site plugins and theme, look at the backup files you downloaded to your computer and replicate the changes on the fresh copy.

If your website has multiple users, it’s essential to reset the password for each user. Otherwise, your site can be in danger for these accounts. Log in to your site and reset all user names and passwords. If you see any users you don’t recognize, your database has been compromised, and you need to contact a professional to make sure no unwanted code has been left in your database.

To reset Permalinks,  go to Settings > Permalinks and then Save Changes. This process will restore the .htaccess file and fix your site URLs so they will work. Also, reset all hosting accounts and FTP passwords. To know more about permalink settings check this article.

Step-7: Re-Upload Your Media Files

Look through images and uploaded files before copying them back into the new wp-content > uploads folder in the file manager. You will need to carefully examine every folder in your backup. Look inside each folder and make sure there are no PHP files, JavaScript files or anything else you did not upload to your Media Library. Once you have checked fully you can upload the files to the server using FTP.

The major concern of this post is to let you know how can you remove malware easily without panicking. Hopefully, this article was impactful and handy for you. If you have any queries feel free to put them in the comment section. We are ready to answer all your queries happily. 

Leave a Reply