How To Remove Malware In WordPress - 2 Methods

How To Remove Malware In WordPress – 2 Methods

ByPhillip Stemann

WordPress covers more than half of the websites in the world. This means hackers also try to focus on attacking WordPress websites as they are built similarly.

if the accident happens and you have malware on your WordPress website. Then the easiest way to get rid of the malware is to install the free plugin Wordfence, run a scan and delete or repeat the files necessary.

Now this is very brief, and you can also do this manually if you don’t wish to install a plugin. But the most straightforward way is to use Wordfence. But let’s dive into what malware is and what it does to your website.

What Is Malware In WordPress

Malware is malicious code added to your files.

WordPress is built on top of PHP, and PHP is a programming language divided into multiple files.

When your website gets hacked, sometimes the hackers take down your website, but other times they let it stay up and add malicious code to your files.

When they add malware to your files, they can manage your WordPress website through the files. So even if you delete the user they hacked, they can still access your website through the files. That’s why it’s important to remove the malware completely

This often happens if you’re using outdated plugins, your password is too easy to guess, or one of your plugins simply has a backdoor for hackers to come in.

To remove the malware from your WordPress website, you can either do it manually or with a plugin. I’ll recommend you do it with a plugin, but doing it manually is also an option, even though it’s more time-consuming.

[cboxarea id=”cbox-DZ7YzH84qT48YAf1″]

1. Remove Malware From WordPress With Plugin

This is my go-to solution, as it solves the problem 9/10 times. Even if you go with manual removal, the second method, running a scan with a plugin, is always a good idea.

First, you’ll have to install and activate the free plugin Wordfence. While installing, you’ll be asked for a license. Here you just choose the free plan and install the license.

Next up, you’ll have to run a scan, which can take some time. Just start it and let it run in the background.

wordfence scan 1

The free plan will check the state of your server, and file changes, do a malware scan, and check your content safety, public files, your password strength, and a vulnerability scan. It’ll check all of it for malicious code.

If Wordfence finds any issues in your file or content, it will let you know in the table below “Results found”. Often you can fix the issues by clicking on the button to the right: Repair all repairable files.

If it can’t fix the issue, you’ll have to move to step 2, where you must do it manually. If the malicious code is in the core WordPress install, I download a fresh instalment from WordPress itself.

And then, I upload and overwrite the file with malicious code. If I can see the file doesn’t exist in the fresh WordPress instalment, then I just delete the malicious file.

As you can see, I didn’t have any issues, luckily, and this is the display you want to see. It’s always a good idea to run a scan once in a while to ensure you have no malicious code.

wordfence nu issues

Remember, once you’ve cleaned out all your malicious code change your password for your admin users, FTP accounts, and database accounts on your WordPress website.

2. Remove Malware From WordPress Manually

Now this is a more time-consuming way of removing malware from your WordPress website, but sometimes this is just the necessary way.

Before you begin, you should take a backup of your WordPress website and database if you’re not already doing that.

First, I’ll recommend you update your WordPress version, themes, plugins and PHP version. Your WordPress website is often hacked because you’re using outdated versions with vulnerabilities.

Now it’s time to really get started. Start by heading over to WordPress and download the newest version of WordPress.

Get FTP access to your WordPress website, and delete the 2 folders, wp-admin and wp-includes. And then, upload the folders from the WordPress instalment you just downloaded.

Next up, you need to check through wp-content. The best you can do is to re-install all your plugins and themes. So delete the plugins, and install them again. Do the same for your themes to ensure you have the newest version without malicious code.

And then, go through the folders which are not /themes/ or /plugins/and look for malicious code in the files. Here you need to look for the following keywords:

  • base64
  • exec
  • move_uploaded_file
  • str_rot13
  • gzuncompress
  • eval
  • stripslashes
  • system
  • assert
  • preg_replace
  • Or any other strange characters you don’t think belong in that file.

If you see any of this, delete it from the file or replace it with one from the fresh WordPress instalment you just downloaded.

Now you should be in the clear. Now it’s time to change all your passwords to your WordPress user, FTP account and database account.

Lastly, I’ll recommend you still run a scan with Wordfence to ensure you removed everything.

Get Help From A WordPress Malware Expert

If you didn’t succeed with any of the methods, you’d need to contact a WordPress malware expert.

I’ll recommend you take a look at Fiverr. You can get someone to do it for as little as $20; just ensure they have some great reviews.

FAQ

How do I check for malware on WordPress?

Install the plugin Wordfence, and run a scan. Immediately you will get an overview if you have malware or other issues on your WordPress website you need to take care of.

How do I remove a virus from my WordPress site for free?

The plugin Wordfence is entirely free to use. They have a premium plan, but the free plan helps you easily remove viruses from your WordPress website.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *