Let us just start by saying to those reading this, WE ARE SO SORRY if your WordPress site is infected right now with malicious code or malware. This surely not only may be impacting the visitor experience but also good be hurting your search engine rankings if you have been Blacklisted. Now before you read on, please note that shortly you will be learning The Fastest Way to Remove a WordPress Infection. Below are the steps you can take to to get your site clean of all infections and then go back and cleanup the design and functionality.
Items you will need to complete this:
- FTP credentials – these can usually be obtained from your web host our hosting panel
- FTP client – this is the software that will allow you to connect to your website and access all files. Here is a list of the 6 best free FTP clients for WordPress
- Patience – depending on how big your site is, it may take awhile to complete the steps below
STEP #1 – CONNECT TO SITE VIA FTP
This is where will will move, delete and reload files into your WordPress installation. FTP allows us to make seamless file transfers from your hosting server to your computer.
STEP #2 – REFRESH WORDPRESS CORE INSTALL
The core files used to power your WordPress site are often the main location of malicious files. We want to wipe out all the core files and install fresh copies. To do this we will make sure we are connected via FTP and inside the root folder of our infected WordPress website and follow the steps below.
- Delete folders wp-admin and wp-includes
- Delete all files ending in “.php” EXCEPT wp-config.php
- Download the most recent version of WordPress at THIS LINK
- Unzip your freshly downloaded version of WordPress and delete the folder wp-content from the un-zipped folder
- Drop all folders and files into the root folder of our infected WordPress website
STEP #3 – CLEAN OUT PLUGINS
Now this is another area that malicious code likes to live and breathe. Follow the steps below to get this area of your WordPress install fresh and clean
- Create a folder of your choice somewhere on your computer naming it whatever you like
- Using FTP, navigate to your plugins folder via the path wp-content/plugins
- Once in there, drag all the folders to the location of the new folder you created in step #1
- After all plugin folders have been backed up to your computer, delete them all. DO NOT delete the main “plugins” folder. Just the folders within it
- You will need to install fresh copies of each plugin either next or once you are all clean
STEP #4 – CLEAN OUT THEMES
Over the years this area of your WordPress install can be really overloaded with unused folders and files. You only need to hold on to your active theme or active parent and child theme. So if you know what those are, delete all the other folders. Follow the steps below.
- Navigate to the theme folder using FTP at the path wp-content/themes and drag the active theme folder(s) to your computer
- Delete all folders in the theme folder of your server
- Get your hands on a fresh copy of you active theme and drag it into your themes folder using FTP
STEP #5 – CLEAN OTHER FOLDERS
Alright, you have made it through steps 1-4 and now it’s time to login to your site and run a scan for some other areas of your WordPress installation that could contain malicious files. Follow the steps below to complete an on site scan
- Install a plugin called “Anti-Malware Security and Brute-Force Firewall“
- Activate plugin and head over to scan settings
- Register on gotmls.net on right hand side of screen
- Download the newest definition updates to scan for known threats
- Run full scan and quarantine files that return as threats
Now these 5 steps is the very least you should do to remove any infections and will allow you to pass a malware scan and a Google site review to remove a blacklist status on your site. Once these things are completed, your site may need extra attention. For example if you have modified theme files, your design may be different. Or some plugins do not retain all settings and you may need to set them up again. One thing is for sure though, YOUR SITE WILL BE CLEAN.
Remember that your ultimate goal is to find the infected files and do 1 of 3 things:
- Clean the file out
- Delete the file if not needed
- Replace the file with a fresh & clean version
We also can do all this for you with our WordPress Malware & Virus Removal service