Have you ever encountered malware attack on your site? If yes, don’t worry there is a way to check the website for malware and immediately remove them. Hackers are always looking for stealing the confidential information of small businesses sites.
They always point those sites that are ranked top in search engines. Many studies show that sites that are running on WordPress platform have 100% possibility to get hacked because of most of the top results powered by WordPress.
Unfortunately, Last week I received an email letting me know that the site has been temporarily shut down due to malware infection. Hosting team told me that there is a report regarding malware hosted on an account under my control. So, hosting provider closed my site access to stop the further complaints.
See how this notice looks like this: –
Early morning when I checked out my Gmail account, I saw this notice. I had no idea what to do and how to remove malware from WordPress. Without any further due I contacted my hosting provider and asked for help.
Fortunately, they gave me the solution and my site was live. To fix malware infected website hosting provider advised me to install sitelock security to avoid further malware attacks. So, immediately I purchased the “Find” plan of sitelock.
Luckily, I did not receive any further notice before activating sitelock security. But after three days hosting provider again reported a malware code into my directory. Resulting, still my site was dead.
The second notice is here –
Then I purchased sitelock “find plan”.This security tool scanned my whole directory and listed all the malware files. But it was unable to remove them automatically. So, I need to remove the malware from my WordPress site. That’s why my site was not on the server. I took 15 minutes to complete this process. After that, my site again came back. But I won’t suggest you buy this plan of sitelock because it requires manual removal process which makes it laborious. However, this is good only if you find some countable malware attacks.
But if there is a ton of malware files spread over your directory, then manual removal could take a reasonable time. In my case, Sitelock found 16 malware files into my public_html folder, and I took 10 min to locate & remove them.
Hosting provider does not activate your server until you remove all infected file from the server. Google may also blacklist your domain which may affect your domain trust and citation flow. So, don’t take the risk purchase the “sitelock fix plan @ 6.99$” which automatically remove all the infected files from your server.
Above story was mine when I encountered malware attack on my site. Now, It’s time to uncover how to remove malware from WordPress. However, some malware removal services can make your site free from malware infection. But all these services are not affordable. So, today I am going to share affordable services that fit you.
Before I started, let’s talk a little bit about what is malware and how they can damage your WordPress site.
What is malware?
Malware is a malicious program/code/software that acts opposite to the interest of computer’s user. Malware covers all the terms used to define a virus, malicious code, adware, Trojan horses, spyware etc.
These are any code or software that could harm your system. For example, installing an outdated software into your computer may infect your whole system because the old software has not modified by software provider and can easily manipulate. That is the reason, while you download the outdated software into your computer, the system warns you that “this file or software may harm your computer”.
The same thing happens, while you upload or install an old plugin/theme/any other file into your web directory, then this malware secretly enter into your server and try to steal your website’s content.
What are the precautions to prevent WordPress hack?
It is always good to secure your site, so it never hacked. For that, you need to take some steps to make your site free from malware and hackers –
- Use a paid anti-virus to secure your system and network as well. An infected system could harm your WP-admin area. So before login to WordPress dashboard make sure that your system is free from any infection.
- Never upload any outdated theme/ plugin on your server.
- If you notice any WordPress updates then immediately update them.
- Never make “777” mode security permission because it permits a visitor to edit your web page into word format. [777 means read, write and modify]
- Take regular backups for instance recovery.
- Make your site fully secured by Sitelock and SSL
- Don’t download the themes from untrusted sources.
- Use a long and secured password. [include special symbols instead of letters]
- Periodically change the WP admin password
- Run your site on a reputed hosting server.
- Remove unnecessary themes; plugins form your Cpanel
- Install a security plugin like Wordfence, Sucuri.
- In case, if you have a free version of these security plugins then regularly scan your site because free version doesn’t allow automatic scan.
- To prevent WordPress hack make some modification to the robot.txt file. Disallow the search engine bots to index your WP admin page, WP– includes, plugins, themes files
- Secure your .htaccess file
- Secure wp_config.php file
How to remove malware from WordPress website using sitelock
As I mentioned that my website server was locked, it makes me curious to know the reason behind this lockout. I am talking about sitelock and Wordfence. Both tools helped me remove malware and make my server free from an infected file, software or code.
So, let’s discuss one by one.
Wordfence is a very powerful plugin. It has both free and paid version. I am using the free version of this plugin. I am so glad that free version includes all necessary security features.
Automatic malware removal is the usual drawback of this plugin. To include this feature, you need to buy a premium plan. But the good thing is that it notifies everything that you consider as a security essential [given above].
But the free version of this tool only helps before getting hacked. Once you get hacked, this tool is no longer available for you. Because hosting provider does not permit you to interact with WordPress admin panel and you can’t address, where the malware has injected. So make sure, scan your site regularly and fix any issue notified by Wordfrence security plugin to minimise the chances of getting hacked.
It was the free version of Wordfence. But if you upgraded to the premium version, then you don’t need to worry about anything. This tool will take care of everything.
It has tons of features like blocking of malicious traffic, 2-step security for WordPress login page, WordPress firewall to protect from bot attacks, monitor the real-time traffic, DNS security and compatible with IPv6 etc. [Learn more about wordfence security features ]
#2. Sitelock: – A malware removal tool
Now, let’s move on the second malware removal tool “Sitelock.”
This tool is awesome. Currently, I am using this tool to take care of all security issues. The feature is similar to Wordfence. I like the Sitelock smart scanner. It automatically removes all the malware available in your web directory.
There are three plans find, fix and protected [For hostgator]. I recommend you “fix plan” because it has the feature of automatic removal. Find and fix both are pretty similar excluding automatic malware removal feature.
Once you have purchased, you need to setup your account and configure it. But make sure find plan does not include a smart scanner. So, you need to remove all the malware files manually.
- How to configure WordPress sitelock security plugin with sitelock to automatically remove the malware
Follow these steps to make your site free from malware/malicious code (“find Plan” of Sitelock)
When you receive an alert from hosting provider, then it’s time to get ready. First of all, login to Cpanel and open the file manager. In the public_html folder, you will find a malware.txt file. It is a detailed list of all the malware code present in your directory.
Now, download this file into your computer and open it. Here you will see all the files with their exact location.
Delete every file form the directory.
After cleaning, it’s time to repair your website again because malware may be in your WordPress core files which makes your WordPress login page broken. That’s why you need to repair your site by re-uploading the new WordPress core files. It is only required if you find malware infection within your core files like WP-admin.php, WP-config.php, WP-setting.phop, index.php and so on.
Once your website goes live, take a backup, of your website. For taking a backup, you need to open your Cpanel and click the backup button. It takes time to prepare the backup file. Once done, download the backup file into your computer. Finally, you have removed all the malware files from your server.
It was all for “sitelock find plan”. But if you buy “fix plan” then you don’t need anything. The smart scanner will automatically remove all the infected files from your WordPress directory. Sitelock quick scanner continuously scans your whole directory and if it detects any malware attack on your site. It immediately removes them from your site and sends you an email to let you know that malware has removed from your website.
It is the Gmail delivered by Sitelock which confirms that your site is now free from any malware infection.
#3. Contact to your hosting support
No one knows that what is going to happen in the next day. Sometime, the situations may be opposite. In case, if you have no one to help then always contact your hosting support.
When I felt into grief, I contacted my hosting support, and they served me well. Here you can see my recent conversation while I reported a malware attack on my server. See how I solve my issue within 15 to 30 minutes.
In a nutshell, security is the prime concern. So, never ignore it. In this article, I have mentioned two methods that could help you remove malware from WordPress site. Free Wordfence security tool couldn’t help you after getting hacked. But it can be used as a cleaner. For better protection upgrade this plugin.
Hope you would enjoy this article. If you like this article, then don’t forget to share on Facebook, Twitter, LinkedIn and Reddit etc.
If you have any issue, then feel free to ask.