What is the fastest way to remove malware or virus from your Wordpress site?

David Beroff

Well-known member
Joined
Jun 14, 2016
Messages
1,138
Points
63
Recently one of my WP site got infected by malware codes and it redirected to a strange domain name, I did more things to remove it from my site and although it was successful but it consumed pretty more my time. What is the fastest way to remove malware or virus from your Wordpress site? including manual way or auto tools/ways?
 
Joined
Oct 26, 2018
Messages
51
Points
8
Comodo cWatch is the fastest and easiest way. Here's a free 30 day trial and they'll clean up your site for free during this time. The service includes malware scanning and cleanup, a CDN (Content Delivery Network) and WAF (Web Application Firewall). Use this offer as many times as you need. 1 license for each domain.

< Mod Removed >
 
Last edited by a moderator:

aniruddhdiwan

New member
Joined
Feb 12, 2019
Messages
2
Points
3
10 Steps to Remove Malware from Your WordPress Site

Step 1: Backup the Site Files and Database
Step 2: Download and Examine the Backup Files
Step 3: Delete All the Files in the public_html folder
Step 4: Reinstall WordPress
Step 5: Reset Passwords and Permalinks
Step 6: Reinstall Plugins
Step 7: Reinstall Themes
Step 8: Upload Your Images from the Backup
Step 9: Scan Your Computer
Step 10: Install and Run Security Plugins
 

Collabora

Well-known member
Joined
Jan 24, 2017
Messages
123
Points
18
Recently one of my WP site got infected by malware codes and it redirected to a strange domain name, I did more things to remove it from my site and although it was successful but it consumed pretty more my time. What is the fastest way to remove malware or virus from your Wordpress site? including manual way or auto tools/ways?
There really is no fast method, but there are easy and hard method. Here is probably the quickest way that doesn't require much mental effort: Delete all plugin folders, replace all wp core files (from backup or wp repository), reinstall plugins. Assuming the db is clean you should be back in action with a fresh clean site with all the data.

If that fails, you will need to run a server side scanner. I have had good results with https://wordpress.org/plugins/wp-malware-removal/ -- it will take several hours to complete a scan, but you will know exactly what files (and db) are infected and how. The external scanners are quicker (I like Sucuri) but they can only access files that a visitor browser can access and can miss a lot.
 

LayerVPS

New member
Joined
Jun 23, 2019
Messages
4
Points
1
You probably are best restoring from backups, and check through the installed plugins and make sure to update the wordpress install, and there should not be any problems.

Also you can check the access logs to try and find out how they exploited the wordpress install.
 

bountysite

Corporate Member
Corporate Member
Joined
Oct 11, 2017
Messages
109
Points
28
Proactive way to protect any website is to have your website backup system notify you on the details on files modified. You can quickly address the issue and know what files have been modified.

Offcourse website backup can help you restore your site back to pristine version.

Reactive way! Some points I can think of:-
- Clean up everything and start with stock version and install plugins
- Restore db
- Reset all users
- Check if user registration is on. If yes, check default new user role
- check posts (if anything JS/HTML code is added extra)

You got to have a website backup!
 

Nixtree

Well-known member
Joined
Jul 16, 2016
Messages
133
Points
28
Once infected then it is always good to reinstall using fresh installation files and restore the wp-content files. So that core wordpress files is not infected. Now before you restore, I will suggest to manually take a look on contents and remove all unwanted plugins and themes and check the uploads folders. Once cleanup and restore is done, then make sure you harden the site like block wp-login.php and xmlrpc.php to your or enable 2 step verification for wp-login , disable unwanted php_fnctions which are used by hackers , disable php execution in uploads folder recursively etc. Many wordpress plugins can be used for this but I will suggest to reduce the wordpress plugins as much as you can as normally they tend to slow down the websites.
 

bountysite

Corporate Member
Corporate Member
Joined
Oct 11, 2017
Messages
109
Points
28
Recently one of my WP site got infected by malware codes and it redirected to a strange domain name, I did more things to remove it from my site and although it was successful but it consumed pretty more my time. What is the fastest way to remove malware or virus from your Wordpress site? including manual way or auto tools/ways?
Did you find out why the website got infected in the first place?
 

AdrianG001

Member
Joined
Jul 25, 2019
Messages
36
Points
8
Recently one of my WP site got infected by malware codes and it redirected to a strange domain name, I did more things to remove it from my site and although it was successful but it consumed pretty more my time. What is the fastest way to remove malware or virus from your Wordpress site? including manual way or auto tools/ways?
Others may end up giving the plugin names that you can use but i would not use this solution to clean it up as it will be time consuming because the codes and the virus might still be there.

For me its best to install the latest WP version and install the updated version of the current theme or install a new theme. Do this for all the plugins.

Usually the malicious code and virus are in the plugins and theme (not the updated ones).

Avoid using nulled themes and plugins

Perform daily backup of the site if you can.

To avoid such malware attacks you can go for a strong website firewall.

Regards,
Adrian
 

bountysite

Corporate Member
Corporate Member
Joined
Oct 11, 2017
Messages
109
Points
28
If you had a backup in place, you would have known what changes were made to website. Something that I put a lot of effort on, while building our platform.
So, the fastest way to fix your website would be a simple restore click.

I am excited to announce that BountySite now supports database monitoring. You can choose what tables you want to be notified on change.
If the hack has made changes to your post or added a new user, you can easily view the changes. Once you know what has changed, the fix becomes easy.
 

AlbaHost

Well-known member
Joined
Jan 18, 2017
Messages
397
Points
43
AlbaHost
Really? If the backup was made while your website was infected, how would you solve it with "only restore click"?
 

bountysite

Corporate Member
Corporate Member
Joined
Oct 11, 2017
Messages
109
Points
28
bountysite
"If you had a backup in place, you would have known what changes were made to website" I am talking backups prior to website hack.

Hosting providers normally offer 7/14 days retention. So, if the site was hacked 15 days back, then the oldest version is infected.
BountySite backups don't have the retention period, as it converts website into a revisioning system. So, only delta text changes are added to the repo, and you can restore to any point since your first backup.

Now that you have put forth this question, with BountySite you can find out which files are modified wrt to its pristine version. We support Wordpress, Drupal, Joomal core and several other open source softwares.
If the hack are in web files, you can identify and replace with pristine or stock files manually. I actually thought of having a single click replace with pristine version, for which I need to build exclusion file list, which can be misused. So, manual approach is reliable.
Checkout our manual to clean up site.
 
Latest Threads
Replies
0
Views
4
  • Awaiting approval
Replies
0
Views
1
Replies
0
Views
25
  • Deleted
  • Deleted by fwh
Replies
0
Views
1
Replies
6
Views
80

Latest postsNew threads

Latest Hosting OffersNew Reviews

Sponsors

Latest Blog ArticlesMost Viewed Threads

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top