How do I fix website infections and get rid of malware? Every WordPress website owner needs to learn the fine art of cleaning up an infected website, preventing infections and keeping hackers at bay. Read this article to learn how.
What is WordPress malware?
WordPress malware is malicious software which adds a backdoor to your website, allowing hackers to take control of it, infect it further with even more malware or redirect it to another website. The most popular type of malicious software is called WP-VCD. Most pirated plugins and themes are infected with it.
How do I fix website infections and get rid of malware?
There are plenty of antivirus tools for WordPress, such as the Sucuri plugin which will clean up most standard types of malware. I like to use on my server ImmunifyAV or Immunify360 to clean up infected files. It’s the cheapest option.
If you require human intervention, again the guys from Sucuri will clean up your website for a small fee.
If you don’t want to pay for a professional cleanup service, you can try removing the malware yourself.
First, go to VirusTotal, to determine the kind of malware that is infecting your website. Next, google for manual cleaning instructions. Again, I would simply buy the paid version of the Sucuri plugin or ImmunifyAV, but you are doing it the hard way. Fine, if you insist. If the malware is WP-VCD, for example Google will have plenty of instructions on how to clean it up. This website here, for example, has a pretty detailed guide.
Another good option is to do a daily backup of your website and simply restore it from the latest good copy once it gets infected. That’s how I saved a customer’s website when it got hacked.
What to do if my website is hacked or redirects to another?
I had a customer whose site got hacked and redirected to another malicious website. When this happens, hackers usually infect your theme or your plugins with their malicious code. In this case, try disabling your plugins and changing your theme, and after that enable them one by one until you find out which plugin is infected.
If you don’t have access to your site, you can restore access by using PHPMyAdmin to change your administrator password and you can use your file manager to delete plugins one by one.
How to prevent infections?
It’s simple. If you are on a VPS, buy an ImmunifyAV subscription. Don’t download cracked plugins and themes, or at least download them from a really trusted source or a private forum.
I have on all my websites WordFence security to prevent SQL injections and common site hacks.
As always, schedule daily backups of your website. You can do it either through your server control panel, or through a WordPress plugin. It will be cheaper than paying an expert for manual cleanup.
While you are at it, checkout my other article How much does a WordPress website cost per month? for a comparison of good, cheap and secure WordPress hosts.
To learn more about website security, check out this article Secure Connections: A False Sense of Security?
What is your experience with WordPress security? Have you dealt with a hacked site? How did you recover? Do you do daily backups? Post your opinion in the comments. If you like this article, share it.
Aleksandar Paunovski is a Computer Science student at New Bulgarian University. He has more than 20 years of experience with computer systems. Aleksandar knows PHP, JavaScript, C++, CSS, and HTML and is an expert on WordPress, computer security, Linux, Mac OS, Chrome OS, and Windows. When not busy making sites, Aleksandar loves to listen to 90’s music, walk in the park, and post on his blog.