WordPress sites are at risk of being attacked and infected by malware at any given time. More than 74 million sites are powered by WordPress. Because all are connected to the same Content Management System, there is a high chance of websites being vulnerable to attack.
To determine if you site has been infected with malware and to clean it up and fix the damage, follow these simple steps:
While this warning confirms malware infection, there are a number of indicators that could help you ascertain whether your site has been hacked.
- Browsers display a malware infection warning and block access to your website
- Your website host suspends your website citing malicious activity
- New users (with malicious intent) have penetrated your account and their logins are displayed on the dashboard
- Browsers display unexpected behavior on your website
- Hackers have modified code or impregnated code into your website
1. Scan Your Website
Run a website malware scan to determine whether or not your site is really infected, and by what. A number of website malware scans are available online, including the cWatch scan by Comodo.
2. Change your cPanel and FTP Password
Once you are sure that virus scanning of the system is done, ensure that you change your FTP and cPanel passwords. Make the password complex, with a combination of numbers, lowercase and uppercase letters and special characters.
3. Download WordPress
Be sure to to download WordPress from the WordPress site itself.
4. Extract Files from Zip
Extract the files from zip once you download the WordPress package on your system.
5. Remove the WordPress Malware infection
Login to your cPanel > File Manager
The WordPress Installation Files will look like
- wp-admin
- wp-content
- wp-includes
- index.php
- license.txt
- readme.html
- wp-activate.php
- wp-blog-header.php
- wp-comments-post.php
- wp-config.php
- wp-config-sample.php
- wp-cron.php
- wp-links-opml.php
- wp-load.php
- wp-login.php
- wp-mail.php
- wp-settings.php
- wp-signup.php
- wp-trackback.php
- xmlrpc.php
Retain wp-config.php file and wp-content folder and remove the other files and folders so the installation looks like:
- wp-content
- wp-config.php
Edit the wp-config.php file in your cPanel > File Manager. Check for unknown and vulnerable codes.
Wp-content folder should be like this:
- plugins
- themes
- uploads
- index.php
Remove the plugins folder and index.php. Once the cleaning process is completed the plugins can be reinstalled.
WordPress Malware Scan Plugins
There are many security plugins associated with the WordPress site that runs inside to scan the files and databases of the website for malware. The plugin scans are more effective than the remote scans. It is critical to delete the plugins when it is not in use as it extracts and uses a lot of resources and therefore slows down the site performance.
Website security is quite challenging and if you are clueless on how to secure websites, get cWatch to enjoy FREE WEBSITE MALWARE REMOVAL. With cWatch, website security experts are available 24/7 to address website malware issues. It also guarantees robust malware scans and complete malware removal.
Better late than never, Enrol for cWatch and get connected to our WordPress Security Experts. Sign Up Today!
6. Upload the WordPress Again
The WordPress files which were extracted can be now uploaded through FTP.
7. Consider changing WordPress Admin Password and Re-install Plugins
The dashboard will be available to access now. Consider changing the admin password with a combination of characters, letters and numbers.
8. Get the Google warning alert removed
Once your site is malware free, submit a request to Google and get the warning message “This site may harm your computer”removed from your site.
Install cWatch and protect your website – Install Comodo cWatch which uses a Security-as-a-Service (SaaS) model to secure and monitor your website against malware attacks. Protect your website and customers with Security Information and Event Management through real-time security monitoring, advanced threat detection and incident management. It also provides DdoS, addresses malware attacks and automates the malware removal process.