Removing malware from WordPress

In this article we’ll be talking through how to remove malware from a wordpress installation.


Step 1 – Scan your PC

There’s multiple ways malware can get onto your website, but one of the first places to check is your own PC. Make sure there’s no dodgy software installed and then proceed with your cleanup.

Step 2 – Scan your wordpress installation

Using a plugin such as wordfence, or an external wordpress scanning tool scan your site to flag up any rouge files, make a note of these files ready for the next step.

Step 3 – Delete malicious files.

For this step we need to be careful to make sure we don’t delete anything we want to keep. It can be helpful to download a fresh copy of wordpress and compare your hacked install to the fresh download, just so you can compare files. Malicious code is often quite hard to read but at the same time quite easy to spot if you know what your looking for(often huge strings of code that don’t seem to make much sense). Go through the effected files and delete the malicious code, there could also be new malicious files, make sure these are deleted too.

Step 4 – Rescan

The next step is to rescan your wordpress install to make sure everything is clean. If so, great. If not go back to the previous step and check the files again.


Step 5 – Make sure the wordpress install and plugins are up to date

This step is a pretty easy one, but essential. Most hacks come from outdated installations or plugins in our experience. Make sure your running the latest releases at all times to stop your site being hacked again.

Step 6 – Change passwords

Change all passwords for your WordPress users(if possible), your cPanel, Plesk or other control panel passwords as well as any MySQL and FTP passwords.

If you’re still struggling and need some help, we’re only a call or email away. Visit our contact page to see how to get in touch with once of our wordpress experts.

For a free consultation, get in touch today:

Tel: 0333 567 0558