My WordPress site is infected with Malware – what do I do to resolve?
These offsets usually exploit vulnerabilities in the code used to create your site, not the code that the server uses itself.
These vulnerabilities can be found in themes, plugins or modules that you have installed. If you are using an obsolescent version of WordPress, the base installation can also be vulnerable.
These malicious file types can be used to attack other servers, steal data from your website’s database, install malware on your visitor’s computers, and then get Google blacklisted, which helps prevent your Domain’s organic search traffic from being reached.
To fix this and restore your site, follow these steps:
- Note that you cannot replace files on your site with a current backup.
- The backup may still contain the malware and will almost certainly contain the original exploit that was used for access.
- Check your WordPress database for unauthorized admin users.
- Download a copy of your site, but keep it away from your clean backups.
- Delete all files from your hosting package.
- Install a clean and fresh version of WordPress using our one-click installer or a direct download from the WordPress site. Reconnect your new files to your old database by editing wp-config.php.
- Download and install the latest version of all necessary plugins and themes for your site.
- Install the free WordFence plugin, this will help protect your site from future attacks, but in no way is it a complete solution
- (Please avoid downloading pirated copies of themes or plugins or original developer software. Unauthorized versions or unlicensed versions are usually prehacked.)
- A good option to keep your site updated & free from known vulnerable plugins can be found here.
- You can also read this article for more information about securing your website.
Once you have completed these steps and consider the site clean and safe, please let us know on a ticket and we will check one to see if the site is safe.
In SkyHost we have malware auto scanner to keep your website secure.