Malware can harm a vulnerable website in a lot of ways. If you have a WordPress site, it is essential that you exert plenty of effort in securing it. Using WordPress in itself makes you a target for cybercriminals so preventive measures must be put up.
WordPress malware removal is very important to maintain WordPress security. To recover WordPress site, however, is no easy task. It does not help either that Google has become stricter that it would ban websites of offenders. If your site is found to be distributing malware, a simple malware or WordPress virus removal wouldn’t do the trick.
In order to secure your site, you must first understand everything about WordPress security, especially with how WordPress malware removal works.
Malware and Its Dangers
Malware, or Malicious Software, is intended to harm a website either by stealing vital information or damaging the codes. It is also a general term that is used for several forms of harmful software. Some of the common malware that you must watch out for are:
- Adware are unwanted advertising campaigns that automatically shows up whenever your site is opened.
- Spyware is a software that can discreetly steal and collect sensitive data.
- Trojans are real software but is disguised to trick a user into installing it. Executing the program can instantly cause havoc to your site like changing the content.
- Virus has malicious code that can corrupt files and automatically replicates itself all over the files.
- Ransomware is a software that will lock up the site until a specified amount of money, or ransom, is paid by the owner.
Any of these malware attacks are harmful as they make your site vulnerable. Once the attack has started, it will also hurt you SEO or Search Optimization Ranking. Google is very quick at sending out warnings to users if it finds a website harmful, especially if the site has been infected by any type of malware.
WordPress malware removal, therefore, should be considered to be a top priority and the next section will show you how to do exactly that.
Removing Malware from Your Website
Since you are now aware about how malware works, here are the steps that you can do to remove it:
1. Place the site in Maintenance Mode
You can use free WordPress plugins to set your website under maintenance mode while you are doing scanning for your website. One of these plugins that is used to put a website in maintenance mode is SeedProd. Once you start it, it will put up a sign that tells users that the site is temporarily unavailable and will be back in minutes. This allows you to work the necessary fixes without having anyone logging in or using the site.
Although it does dampen the spirits of the user to see that a site is under maintenance, making the page look visually appealing tends to give it a professional and a more reassuring look. The plugin will let you customize the fonts, colors, and layout. There are also more features if you are going to purchase a plan that starts at $29.60/year.
2. Have a Backup First
It is necessary to change some of the files during the WordPress malware removal process. There are also instances when the data breach is so extent that the files are either damaged or removed by the malware. This is why performing a site backup is necessary. It comes free with a managed WordPress hosting. Otherwise, you will have to purchase for an automatic backup feature or use a backup plugin to export the site.
In some unfortunate cases, even access to the dashboard is compromised. A manual backup using phpMyAdmin can be done by logging in to the hosting cpanel. Look for the database then click the Export tab.
You have the quick option to export data at once or pick custom if you want to be specific on the data that you want to backup. The phpMyAdmin will then give you a copy of the exported database and will put everything in a .zip file.
3. Scan the Site for Malware
After backing up the data, you may now start scanning the site for any type of vulnerability. A successful WordPress malware removal and WordPress virus removal relies on how thorough the site is scanned. A managed WordPress hosting usually comes with a free plugin to do a quick but thorough site scan. An anti-malware program called Malwarebytes, can be used to scan and prevent any infection from spreading into other files. Likewise, the exported database must also be subject for a scan.
There are also online site security checkers, such as VirusTotal or Quttera, to check for all the security issues that are present on any website. They can also tell if a website is banned from Google and other search engines.
4. Change All Passwords
There are many ways that hackers can gain access to your site and one of them is by using your own passwords. Yes, they have all the means to get your passwords, especially if there are not enough security layers to protect your site.
In order to fully recover WordPress site, do not just stop at aiming to remove WordPress malware. You need to change the passwords that you use in logging in to your hosting cpanel and FTP account.
If you have cPanel, head to the Preferences tab to create a new password for your account.
Or click on forget password if you lose access to your cpanel account and then create a new stronger password.
At the Files tab, search for your FTP account then reset the password too.
The MySQL password must also be changed. Just go to the Database section to access it.
Furthermore, the wp-config.php file should also be updated too, using an FTP client (such as FileZilla) so you can connect to the database or edit wp-config.php File in WordPress.
Important Tip: Updated passwords should be more difficult than the previous ones and must contain more than eight letters, special characters (%&@#%), and numbers. It will also help if you are going to store this sensitive information in a safe place in case you forget it.
5. Eliminate Malware and All Infected Files
Upon identifying the malware and determining the files that were infected, it is time to do the most crucial step in WordPress malware removal, eradicating them from the files. You can see the infected files by going to the File Manager on the control panel. The public_html folder has the WordPress installation files.
One key to not getting overwhelmed by the multitude of file names is by sorting them according to the last time they were modified. Infected files are those that were modified without your knowledge.
Clean the core files by deleting all the files, except for the wp-config.php and the wp-content folder, within the public_htm folder.
Wp-config.php has all the essential information, like the username and password that is why you need to protect it all costs. Open it together with the wp-config-sample.php to compare. Remove those that appear different and is suspected for having unwanted codes.
Check the plugins folder then make a list of the plugins that you have installed and delete the folder. The same process goes with the themes folder. Remove the index.php file too.
Lastly, check the uploads corner to delete all the .php files. You may remove all .php files on it.
6. Use the Latest WordPress Version
After a successful WordPress malware removal, you need to install the latest WordPress. A managed WordPress hosting may have a one-click install feature. You may install it right at the control panel.
You can also try to do it manually by downloading the latest WordPress version then install it using an FTP client.
7. Re-Install Themes and Plugins
Because you have deleted all plugins and themes, you have to install them back to your site. Refer to the list that you made. It is safer to re-install it by manually searching for the themes and plugins rather than uploading them using the exported database. There is a risk that some of its files were infected with malware and that you should be careful not to spread them across all the files.
8. Restore Public Access
Once you are sure that the website is clean and freed from malware, it is time to open the site for the public. If you have installed a plugin to show a maintenance page sign, disabling it at the admin dashboard will take only a few minutes to complete. The hosting provider may have blocked your site so it will be wise to ask them to restore the access and even do another scanning.
9. Clear Things Up with Google
If your site has been tagged to contain malware, it would be banned from all search engines, especially Google. There are specific means of recovering your site. You can follow the following steps to do so:
- Open the website for Google Search Console.
- Type in to add your website.
- Request for a review by opening the Security Issues Report.
- If you are submitting a review, enumerate the things that you did for WordPress malware removal in order to convince the cpanel that your site is now clean.
- You will be notified about the results through email once Google have reviewed your site.
Methods to Protect Your Site Against Malware and other Kinds of Attacks
After a malware scare, you have to ensure that the same problem will not be happening in the future. It is not guaranteed that your site will always be safe. Hackers are working hard to identify the different vulnerabilities of a website. You need to strengthen site security to keep your account and the website safe.
Use a Security Plugin
The easiest way to keep a site secure is by installing security plugin. There are many decent security WordPress plugins that specifically targets malware threats. You have to choose a plugin according to their features.
The best plugin to remove WordPress malware is one that has the ability to scan core files, plugins, and themes for any malware, code injections, and other vulnerabilities. It would also be a big help if the plugin is built with a real-time firewall so you can block unwanted elements from accessing your site.
Regularly Update
Aside from the WordPress version, you also need to update the themes and plugins. Most vulnerabilities are identified on outdated themes and plugins. Security patches are regularly sent out so it is important to keep your WordPress site updated unless you want the hackers to gain access because they found out a vulnerability.
You can manually check for updates or have a plugin to automatically scan for available updates. There is also an instant update plugin called Easy Updates Manager. You only need to click once and everything will be updated.
Tip: Check for the plugins’ or themes’ WordPress compatibility especially if you are using third-party resources.
Regular Backups
Even though you have thoroughly cleaned your site, it is still necessary to keep regular backups. This will help avoid the possibility of losing all data, in case there are untoward incidents where the site becomes vulnerable to hackers.
You may use a plugin to do the backups. Since there are plenty of different plugins for the same purpose, you can check to see if the plugin can do all three kinds of backups:
- Database backup – to make a backup for all files on the database.
- Scheduled backup – to run automatic backups during specified periods.
- Complete backup – to backup everything in your site.
There are several backup plugins that has all three features. Their prices vary according to a specific plan. Some plugins also have other features aside from solely backing up your site. They can help with encrypting the database, providing premium support, and advanced reporting.
Ready to Secure Your Site?
Do not let yourself be consumed with worry over WordPress malware removal. You are now armed with enough knowledge to understand how a malware can damage a website. You are already aware about how you can protect your site against being vulnerable to malware. Lastly, you are given options as to how you can further protect your site.
Airflour is the best partner that you can ever have in maintaining your WordPress site’s security. Check out the array of reliable WordPress security solutions we offer to see which one can help keep the stressful malware away!
