Your WordPress Malware Removal Guide: How to Clean an Infected WordPress Site

Is your WordPress site facing threats from applications, Trojans, or backdoors?

These are the three most common types of malware. However, malware comes in all different forms, and despite your best efforts, it can be impossible to combat all of them. Even though WordPress is safe, reliable, and popular for a reason, WordPress sites can still become infected.

It’s important to take steps to protect your site from WordPress malware. But it’s also important to know basic WordPress malware removal, for when an infection does occur. Malware doesn’t spell a death sentence for your site — but there are some steps you’ll need to take.

If you’re new to WordPress malware removal, don’t worry. We’re here to help. Keep reading to find out how to tackle this website disaster.

Signs of a Malware Attack

Not sure if malware might be affecting your site? Here are a few common signs to watch out for.

Any unauthorized changes to your site are definitely something to worry about. If the homepage looks different, or you see new users added that you don’t recognize, malware could be to blame.

You might also see new pop-up windows, learn about emails from your site that you didn’t send, or see changes to file names. Finally, the network might show activity even when you weren’t using it.

However, the most dangerous thing about malware is that it’s often hard to spot. If you’re not sure if malware has infected your site, follow the below steps to be safe.

1. Find the Malware

Malware can run in the background of your site for a long time, messing with things but not enough for you to notice. To clean up your site, you’ll first need to do a scan so you can catch the malware.

Invest in a quality scanning tool, and use it often. The sooner you can catch malware, the less damage it can do.

2. Perform Regular Backups

Ideally, this step will start before the malware attack happens.

When you have a WordPress site, you should always back it up on a regular schedule. These backups give you a site that you can restore after cleaning up an infection.

However, if you haven’t been doing regular backups, you should still back up your site as soon as you realize it has malware. Ideally, your web host will have its own backup options, allowing you to save the complete site. Make sure to leave enough time for this large download to finish.

If you’re able to log in to your site, you might also use a WordPress backup plugin instead. But sometimes, malware will affect your ability to log in.

Contact a professional if you can’t figure out a way to download your site. But if you’ve made it this far on your own, you can keep working without bringing professional help in.

3. Download Your Files and WordPress

Now that you have a backup, download it to your own computer if you haven’t already.

Once you have the files, you should re-download the latest WordPress version. Installing the newest version adds a new layer of protection. After it’s installed, make sure to stay on top of regularly updating it. Running a completely updated site protects you from malware.

4. Delete Your Online Site

You now have a complete backup of your site safely stored on your computer, and a new version of WordPress that’s ready to go. It’s time to delete the current, public version of the site where the malware lives.

You’ll want to double-check your backup first to make sure everything you need is there. Then, go ahead and delete the public site. Your web host should have a file manager you can use that makes this process easier.

You might find some advice that suggests you go through all your files to find the compromised ones. However, this process is too tedious and unreliable. It’s better to delete the whole thing. Since you have a backup, you won’t be starting from scratch.

5. Install WordPress and Backup

Now, you can install your new version of WordPress. Upload your backup to this new, clean site.

6. Change Your Password

Your admin password for the site may have been compromised by the malware. Change it to something secure — a random mix of symbols, letters, and numbers is ideal.

Make sure to check and reset the passwords for any other users, too. If you have FTP (file transfer protocol) password, reset it as well.

7. Rebuild the Site

Now comes a harder part.

You’ll need to rebuild your site by uploading themes, plugins, and photos again. You don’t want to use old plugins or themes, because they may have been compromised. As you upload images, check each file to make sure it doesn’t contain anything suspicious.

8. Change the Google Warning

If your site was infected, it probably got tagged with a warning from Google.

You’ll need to request a warning removal from Google. Make a Google Webmaster Tools account. Then, click “Health,” “Malware,” and then “Request” to get the new site looked over.

9. Add New Security Measures

You’ll want to be sure to prevent the same issues from happening again. Once you’ve got your site back up and running, this is a good time to install new security.

Performing regular scans is a good idea. In fact, you should do one now to make sure your site is totally malware-free. Then, use security plugins, or contact your web host about their security measures.

Looking for WordPress Malware Removal Help?

While it is possible to perform these steps on your own, you might run into trouble along the way. That’s where your web host comes in. A good host will be able to help with WordPress malware removal, and keep the new site secure.

However, not all hosting services are created equal. Looking for high-quality web hosting in Ireland? Learn more about our hosting plans here.