How to Clean Worpress Malwere Infections
The other day happened to me, what I didn’t expect. After two years of no problems on my WordPress website, I never gave too much thought about security of my website as I took security for granted, since my hosting provider I am really happy with, does security scans on a weekly basis.
So I received alert email that my website is blacklisted and infected.
I imagined if it ever happened, I as an average WordPress user will have their support in solving this problem. It turned out it is not that simple and you end up alone fighting will WordPress malware infection.
How to Clean Malware Infection on WordPress
Depends how tech savvy you are on general. I am an average user, know a little bit beyond the basics, but not so much tat I would be confident in messing with WordPress files.
Removing WP Malware on your Own Manually
To be successful on your own, you should be familiar with WordPress core files, FTP and your hosting control panel. If your host provides access to the command shell and you’re familiar with Linux.
Before you do anything, first change passwords in c panel, hosting log in, FTP access, change admin passwords and user password in WordPress to something super hard (include numbers, upper cases, etc, the longer the better) and log of from all locations.
The simplest possible solution to remove malware in WordPress manually is to update wp-admin and wp-includes folder by downloading a fresh copy of the same version currently you have
Downloading the contents of your website trough FTP.
Scanning the downloaded files and your computer with an up-to-date anti-virus software and then clean them from malicious code, upload your files back on the hosting server. When the malicious code has been removed, you should upgrade all applications on your hosting account to their latest stable versions.
Then install wordfence security plugin https://wordpress.org/plugins/wordfence/ and scan all your files and it will find the code which you need to remove manually from files. Also install 2 factor https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/ , and authentication plugin
If possible whitelist your IP for login area so that only you will be able to see the log-in page. Replace the htaccess if it’s been tampered with.
If you are not confident to temper with malware mess, then the easy, but expensive solution is available. Sucuri https://sucuri.net/ specializes in cleaning and repairing hacked websites, anything from in removing website malware, blacklists, phishing, infections, defacements, SEO spam, and other infections from infected websites as well as protecting against ddos attacks and other threats all based on cloud protection.
If you lack the knowledge, this service is perfect as they do anything after you pay annual fee. My website was cleaned in an hour, staff was updating me along the way during the process.
How to Avoid Malware Infections in WordPress
Update Plugins and Themes
Outdated software is the leading cause of site infections, and re-infections. Try to keep all your plugins, themes and WordPress installations always updated, as well as to remove all unused ones.
Be careful with Free WP Plugins
The cause for my malware infection was Adsense Made Easy plug in that was using plug in that was injecting a script in my page loading a script from a blacklisted domain. Free plugins are never free, they always get something back. Change log in and email Passowrds on regular basis Changing paswords at least once a year should be a habit. Dont forget to change the pasword or emails connected to your website domain name.
Get Hack Alerts from Hosting Provider to Avoid being Removed from Search Results
This one saved me! If I didnt have hack alert subscription from Siteground, I would have no idea my site is infected and black listed. Being Blacklisted by Google is the last thing you want! Being blacklisted by search engines means loss in revenue, reputation and being removed from search results!
Get FireWall Protection
Since I paid hefty annual fee with Sucuri, I got firewall protection service included.
Before proceeding with the firewall activation you should know the following: if your site has a valid SSL in place and it’s redirected to HTTPS be ready for website to be offline for an hour or so during implementation of firewall. If you don’t want to be offline, another option would be for you to temporarily disable the redirect to HTTPS, while the necessary changes are made for the activation. Once a SSL is installed on our servers you can re-activate the redirect to HTTPS.
Hope this post will be helpful to you, I am not an exert, just sharing what I learnd in the process of solving my first and hopefully last malware WordPress infection.
Have you ever had problems with website security? How did you deal with it?