These days a lot of WordPress websites are getting infected by malware, adware. What they basically do is that open they redirect the WordPress site to some random third party website which is full of ads or sometimes they spread a virus or other such malicious files to the visitors. This mostly happens because most of the times the creator of WordPress based websites are very beginner and they don’t know much about security.
Last month a person reached out to me saying that his WordPress website is infected and asked me to help him out. When I checked the website I got to know that an attacker added few lines of codes on his website which redirects the visitors to some other website. You might be thinking what will the attacker gain by doing this.
Well, the attacker redirects the visitor to his malicious website which is full of ads and think if he redirects about 10,000 visitors per day, he will earn a good amount of money. So when this person gave me access to his website I first searched how the site got infected.
Here is how his website got infected :
He used a very week and known username and password so there is an attacker who runs scripts which automatically scans for WordPress based websites and try random password and if they get the access they automatically insert the code. Same this was happening in this case too. So I quickly removed the malicious codes and changed the password and things got alright.
If sometimes your WordPress website too gets infected by malware, here is how you can clean your website :
Scan your Website
This is a very important step. here you need to first scan your website to see if there is any backdoor, vulnerability that exists in your website. Scan your website to see if it redirects to some other website. Also, check if you are using the latest version of WordPress.
Backup your sites, files, and database
Always try to make a full site backup for at least once a month so that even if it becomes impossible to fix your website you can restore it back using the backup. You can backup your website files with FTP, cloud, etc. There are a lot of free plugins to do so.
Check the backup files
Things might get really tricky if your backup file itself contains the malware so always check if your backup is free from malware
Format WordPress files and folders
Login to your cPanel and go to the location where you have WordPress installed and delete all the WordPress files in your installation location. Mostly the WordPress files will be in the public_html folder.
Reinstall WordPress
Get one-click WordPress install option from your provider. Get an overview of installing WordPress in server. Fill the necessary information like admin name, password and click the ” Install WordPress” button
Change your WordPress login password
While installing you will be given an option to give a password. For better security, it is advisable to give a new password that you have not used so far on your website.
Reinstall themes and plugins
Download a fresh copy of the theme from the backup or you can use the default theme of WordPress. Once the theme is installed, you can install all the needed plugin once again.
Restore your WordPress files and database
Backups created by popular backup plugins like BackupBuddy and UpdraftPlus can be restored by using the same plugin. USe the plugin to restore the files and database
Scan Again
After all the above steps are done you will have the site up and running once again. Just to check if everything is alright, do a full site checkup to make sure that the site is completely free from malware The best tools to check for malware in WordPress are: Unmask Parasites, Sucuri Site Check, Norton Safe Web, etc.
Clear Google Warnings
After the above steps are done, your website will completely be free from malware. Now submit the blacklist removal request to Google to review your site. Navigate to the crawl tab in search console, Click the fetch as Google section and submit the website to index button below.
After following these steps your website should be completely free from malware in most of the cases. If it’s not then contact your service provider or get help from some professionals.
