How To Remove Malware From WordPress Website Using Sitelock
Have you ever encountered malware attack on your site? If Yes, don’t worry there is a way to check the website for malware and immediately remove them. Hackers always looking for stealing the confidential information of small businesses sites. They always point those sites that are ranked top in search engines.
Many studies show that sites that are running on WordPress platform have 100% possibility to get hacked. Because most of the top results powered by WordPress.
Unfortunately, Last week I received an email letting me know that the site has been temporarily shut down due to malware infection. They told me that there is a report regarding malware being hosted on an account under my control. So, they closed my site access to stop the further complaints.
See how this notice looks like –
Early morning when I checked out my Gmail account I saw this notice. I had no idea what to do. Without any further due I contacted my hosting provider and asked for help.
Fortunately, they gave me the solution and my site was live. To fix malware infected website they advised me to install sitelock security to avoid further malware attacks. So, immediately I purchased the “Find” plan of sitelock.
Luckily, I did not receive any further notice before activating sitelock security. But after 3 days hosting provider again reported a malware code that was installed into my directory. Resulting, again my site was dead.
The second notice is here –
Then I puchased sitelock “find plan”.This security tool scanned my whole directory and listed all the malware files. But it was unable to automatically remove them. So, malware removal process was done by me. That’s why my site was not on the server. I took 15 minutes to complete this process. After that, my site again came back. But I won’t suggest you buy this plan of sitelock. Because it requires manual removal process which makes it laborious. However, this is good only if you find some countable malware attacks.
But if there is a ton of malware files spread over your directory then removing them manually could take a reasonable time. In my case, Sitelock found 16 malware files into my public_html folder and I took 10 min to locate & remove them.
Hosting provider does not activate your server until you will remove all infected file from the server. Google may also blacklist your domain which may affect your domain trust and citation flow. So, don’t take the risk just purchase the “sitelock fix plan @ 6.99$” which automatically remove all the infected files from your server.
Above story was mine when I encountered malware attack on my site. Now, It’s time to uncover how to remove malware from your website. However, there are a number of malware removal services that can make your site free from malware infection. But all these services are not affordable. So, today I am going to share affordable services that fits you.
Before I started, let’s talk a little bit about what is malware and how they can damage your WordPress site.
What is malware?
Malware is identified as a malicious program/code/software that acts opposite to the interest of computer’s user. Malware covers all the terms used to define a virus, malicious code, adware, Trojan horses, spyware etc.
These are any code or software that could harm your system. For example, installing an outdated software into your computer may infect your whole system. Because outdated software is not modified by software provider and can easily be manipulated. That is the reason, while you download the outdated software into your computer, the system warns you that “this file or software may harm your computer”.
The same thing happens, while you upload or install an outdated plugin/theme/any other file into your web directory then this malware secretly enter into your server and try to steal your website’s content.
What are the precautions to prevent WordPress hack?
It is always good to secure your site so it never hacked. For that, you need to take some steps to make your site free from malware and hackers –
- Use a paid anti-virus to secure your system and network as well. An infected system could harm your WP-admin area. So before login to WordPress dashboard make sure that your system is free from any infection.
- Never upload any theme/ plugin on your server that is not being updated for a long time.
- If you notice any WordPress updates then immediately update them.
- Never make “777” mode security permission. Because it permits a visitor to edit your web page into word format. [777 means read, write and modify]
- Take regular backups for an instance recovery.
- Make your site fully secured by Sitelock and SSL
- Don’t download the themes from untrusted sources.
- Use a long and secured password. [include special symbols instead of letters]
- Periodically change the WP admin password
- Run your site on a reputed hosting server.
- Remove unnecessary themes, plugins form your Cpanel
- Install a security plugin like Wordfence, Sucuri.
- In case, if you have a free version of these security plugins then regularly scan your site. Because free version doesn’t allow automatic scan.
- To prevent WordPress hack make some modification into the robot.txt file. Disallow the search engine bots to index your WP admin page, WP– includes, plugins, themes files
- Secure your .htaccess file
- Secure wp_config.php file
As I mentioned above recently, my website server has locked. Which makes me curious to know the reason behind this lockout. I am taking about sitelock and Wordfence. Both tools helped me to remove malware and make my server free from any infected file, software or code.
So, let’s discuss one by one…
Wordfence is a very powerful plugin. It has both free and paid version. I am using the free version of this plugin. I am so glad that free version includes all necessary security features.
Automatic malware removal is the common drawback of this plugin. To include this feature you need to buy a premium plan. But the good thing is that it notifies everything that you consider as a security essential [given above].
But free version of this tool only helps before getting hacked. Once you get hacked, this tool is no longer available for you. Because hosting provider does not permit you interact with WordPress admin panel and you can’t address, where the malware has been injected. So make sure, scan your site regularly and fix any issue notified by Wordfrence security plugin to minimize the chances of getting hacked.
This was free version of Wordfence. But if you upgraded to premium version then you don’t need to worry about anything. This tool will take care of everything.
It has tons of features like blocking of malicious traffic, 2-step security for WordPress login page, WordPress firewall to protect form bot attacks, monitor the real time traffic, DNS security and compatible with IPv6 etc. [Learn more about wordfence security features ]
#2. Sitelock: — A malware removal tool
Now, let’s move on the second malware removal tool “Sitelock”
This tool is really awesome. Currently I am using this tool to take care of all security issues. The feature are similar to Wordfence. I really like the Sitelock smart scanner. It automatically removes all the malware available into your web directory.
There are three plans find, fix and protected [For hostgator]. I recommend you “fix plan” because it has the feature of automatic removal. Find and fix both are pretty similar excluding automatic malware removal feature.
Once you have purchased, you need to setup your account and configure it. But make sure find plan does not include smart scanner. So, you need to remove all the malware files manually.
Follow these steps to make your site free from malware/malicious code (“find plan” of sitelock)
When you receive any alert from hosting provider then it’s time to ready. First of all, login to cpanel and open the file manager. In public_html folder you will find a malware.txt file. This is a detailed list of all the malware code present into your directory.
Now, download this file into your computer and open it. Here you will see all the files with their exact location.
Delete each and every file form the directory.
After cleaning, it’s time to repair your website again. Because sometime malware may be installed into your WordPress core files which makes your WordPress login page broken. That’s why you need to repair your site by re-uploading the fresh WordPress core files. This is only required if you find malware infection within your core files like WP-admin.php, WP-config.php, WP-setting.phop, index.php and so on.
Once your website goes live, take a backup of your website. For taking backup you need to open your Cpanel and click the backup button. It takes time to prepare the backup file. Once done, download the backup file into your computer. Finally, you have removed all the malware files form your server.
This was all for “sitelock find plan”. But if you buy “fix plan” then you don’t need anything. Smart scanner will automatically remove all the infected files from your WordPress directory. Sitelock smart scanner continuously scan your whole directory and if it detects any malware attack on your site. It immediately remove them form your site and send you an email to let you know that malware has removed from your site.
This is the gmail delivered by sitelock which confirms that your site is now free from any malware infection.
#3.contact to your hosting support
No one knows that what is going to happen in the next day. Sometime, the situations may be opposite. In case, if you have no one to help then always contact to your hosting support.
When I felt into grief, I contacted my hosting support and they served me well. Here you can see my recent conversation while they reported a malware attack on my server. See how they solve my issue within 15 to 30 minutes.
In a nutshell, security is the prime concern. So, never ignore it. In this article I have mentioned two methods that could help you remove all the malware files from your WordPress site.
Free Wordfence security tool couldn’t help you after getting hacked. But it can be used as a cleaner. For better protection upgrade this plugin.
Hope you would enjoy this article. If you like this article then don’t forget to share on Facebook, Twitter, LinkedIn and reddit etc.
If you have any issue feel free to ask.
Originally published at mechaplanet.org on October 27, 2017.