How to remove malware from wordpress site

how to remove malware from wordpress website

Recently many websites are infecting by malware or virus. Many website owners remain unaware that their website is infected by malware. Therefore in this article we would like to show you how to remove malware from wordpress site.

What Is Malware ?

They are major cyberthreat that can significantly damage your website or business. Website malware is an encrypted code which can use for many harmful things as below.

How malware affects your website

  • Delete website contents, database etc.
  • Advertise on website, text add, banner, video
  • Redirecting website traffic to another site.
  • Steal information sensitive information from site like user name, password, credit card info etc.
  • Sending unwanted and unexpected traffic and making website slow
  • Remove your site from searching engine index
  • Making a path to access your website further

How and what is the method to identify that website is infected by malware?

There are few ways to aware that website is infected by malware. Unexpected appearance of contents like, links, banner or video on the site. Hosting service provider’s warn by email with report of infected files, folders. Google console warning. Also, sometime virus guard that operate on the computer will block access of malware site or warn when you try to load the site on web browser.

How to clean malware infected files or delete files or folder created by malware. (How to remove malware from wordpress site)

As we are considering of removing malware from WordPress site, there are few ways to do it. There are some plugins, host security features like sitelock etc. available to install to prevent it, but of course those malwares must clean first of all. Cleaning malware is not an easy task because when cleaning malware script, part of the PHP code may be removed unexpectedly.

Hackers are inserting malware code mostly in top or very bottom of the php file.

so lets start cleaning manually…

1. Login to your cpanel
Here I use siteground cpanel. Once you logged to cpanel, you can see warning message if there was any site infected by malware as below.

2. Now, open the warning report and it will be look like below, here you can see all the infected file names with malware code.

remove malware

3.If you notice in above report many files infected inside the wp-admin, wp-includes then its better to upload fresh copy of those two folders and other root files. You can download complete wordpress pack as a zip file from this link Once you downloaded, just unzip the folder. You can see list of two folders and other files as below.
How to remove malware from wordpress site

4. Now, select these two folders and other files and make a zip file as below. Dont select wp-content folder, because this folder containing all the themes, plugins and upload contents so overriding fresh copy of this empty folder with wp-content folder inside the server will lost the site.

remove malware

5. Go to file manager in the cpanel, open the particular domain root folder and upload the zip file into domain root folder as below.

cleaning malware

6. Once zip file is uploaded, select and delete the two folders and files inside the domain root folder as below. Don’t delete wp-content folder and wp-config.php file.

7. Now after deleted all selected two folders and files, select the uploaded zip file on step No. 5 above and unzip it by clicking extract button that located on the top of the tool bar of the file manager.

If there was not many files infected in wp-admin and wp-includes folders, you can clean them manually each file so in this same way you can clean any infected files inside the wp-content folder any infected theme or plugin files.

When you open any infected file it will be look like below and (selected with blue color is the entire malware code) that need to be removed.

8. After all above steps, you should inform hosting provider to scan the site and put it live again. Also inform google console to re-list site on google search again.