How To Safely Remove Malware From Your WP Site In 2020
Malware is an umbrella term that covers an array of harmful programs and files that can compromise computer systems, networks, servers, and mobile devices.
Some forms of malicious software can even exploit websites. Although WordPress is one of the most secure and well-maintained services, it’s still vulnerable to cyber threats. Therefore, it’s key to always pay attention to the security of your WP site.
Keep reading to learn more about how cybercriminals exploit these loopholes and how you can identify and remove dangerous viruses from your website.
How Malware Can Affect WP Sites
Malware can affect WordPress sites in multiple ways. These include:
- Make unwanted changes to your website’s content or structure by adding or removing elements without your permission
- Steal sensitive and private user data
- Start spamming subscribers and random users by sending out suspicious links and attachments from your domain
- Redirect your website’s URLs to untrustworthy and malicious websites to scam users, download malware on their system, and show them unwanted ads and PUPs
- Start consuming server resources, thus making your website slower
- Google and other search engines will mark your website as spam or unsafe. This will further lower your SERP ranking
- Your website will be marked unsafe and won’t be shown in organic rankings. This will hurt your SEO efforts and you’ll lose out on a huge amount of organic traffic
Removing Malware Manually
Removing online threats manually demands technical knowledge, but it could be comprehensive. It’ll help you better understand how and where the breach occurred. The manual step-by-step process is explained below.
- Backup Your Site: It’s a good idea to back up your site before you start making any changes to the core files. There are different ways to do this, including:
- If access to your site is intact, you can employ plugins like Vault Press, Backup Buddy, etc.
- In case your login is compromised, you might have to save a copy of your site's public_HTML folder using FTP or by hosting a file manager. Filezilla is a popular FTP client that can be employed. In the case of the File Manager, you can download a compressed version of the public_HTML folder to your local PC.
- Make a copy of the entire database on your local PC
- Scan Your Computer: Once you have the backup file on your computer, scan it using antivirus software with a real-time malware scanner. Run a full scan and review the results. If malicious software is found, the antivirus will remove it or ask you for confirmation.
- Remove the Malware: Start by accessing your website’s core files through the FTP manager. Open up wp-config.php and make a comparative analysis of its contents with a freshly downloaded wp-config-sample.php file from Github. If you find any strange code strings, remove them. Next, go to the wp-content directory and erase all plugins, themes, and any uploads that you haven’t done. Once you’re done deleting these files, remove the index.php file as well.
- Upload and Reset Password: Once the mitigation process is over, you can re-upload your files. Don’t forget to assign a new FTP password. When multiple users are accessing a site, there’s a more significant opportunity for breaches to happen through one of the accessing accounts. Accordingly, all users must change their passwords. Always make use of randomized and long strings as passwords to ensure protection against brute force attacks.
Removing With A Plugin
If the manual process is overwhelming, you can take the quicker route of using a security plugin such as Sucuri. You can install one of these plugins and activate its features to keep the security system intact.
You can also refresh your scans manually whenever needed to keep your WordPress site intact. This is an easier option for the people who don’t prefer to go through the pain of doing the whole process manually. The main advantages that come along with these plugins are as follows:
- Offers remote and server-side scanning capabilities. This way, you can be sure that the back-end is scanned as well
- Detection capabilities are very efficient, thus compromised WordPress sites can be detected easily. Therefore, you can replace the infected files quickly
- Checks whether your website is blacklisted by running checks on search engines
- Prevents further cyber attacks by reinforcing security
- Detects malicious software activity and notifies accordingly
Perform the following steps to remove malware using a plugin:
- Download and activate the plugin from the WordPress repository
- Check under Dashboard and run the scan
- If anything suspicious is found, the plugin will flag the file
- Select the file and whatever action you prefer
Removing The Site's Warning Label Through Google Search Console
To bring your WordPress site back to normal after removing the harmful software, you need to do the following:
- Go to Google Search Console and get your website registered. Make sure that the registration is successful by using URL prefix or domain
- Click on the Security & Manual Actions tab. Then select “Security Issues”
- Verify the security report and request for a review
- Make sure you’ve successfully removed the malicious software before filing a request to avoid being reported as a repeat offender
Malware can cause a lot of trouble and can take away the credibility of your WordPress site.
You need to be cautious about such malicious content when running any website.
Make sure to have security plugins intact and get the issues mitigated as and when they arise.