How to Remove Malware from Your WordPress Site


WordPress is the choice of many business owners because of its simplicity. You can easily entertain and inform your followers and manage your business website without solid technical knowledge. However, WordPress also comes with its vulnerabilities, and malware infection is one of the common problems. So it is crucial to understand how you can remove it from your WordPress website.

This article will examine the topic from two different aspects. The first is how to remove malware from WordPress websites. The second is how to prevent it in the future. So let us begin without any delay. There are three ways to remove malware.  

Remove Malware Through Plugin

One of the most efficient ways to remove malware from a WordPress website is to use a plugin. However, this is only possible when you can access your WordPress dashboard: you log in and install the plugin. Try to find a plugin that requires minimal configuration and performs the scan on its own servers, so there is zero impact on the performance of your WordPress website. Sometimes, the damage is so severe that you cannot access the dashboard. So what to do now?

Hire The Professionals

So you cannot access your dashboard. Well, it is not difficult to find professional WordPress malware removal services. Sometimes, even your hosting provider may offer some help. However, it could be quite an expensive method. If you do not want to spend on this, you can also try the manual removal method. Again, it is not as difficult as you may think.   

Steps For Manual WordPress Malware Removal


  • Back-Up Files & Databases For Website

Check if you can use the snapshot feature of the web host. Use it to back up the complete website. It would be a thorough backup and may need time to finish. Or, if you can log in, you can also use a WordPress backup plugin.

If hackers have compromised the database, you will not be able to log in. In that case, you will need professional WordPress backup services. But if you can log in, make sure to have an additional backup of databases. Also, do not forget to have an XML file of your content. 

Many websites are too large. You can find all of the uploads in the wp-content folder. Try the web host’s File Manager if both the backup plugin and snapshot feature do not work. It can help you make a zip archive of your wp-content folder, which you can download later. Also, make a backup of your .htaccess file. This file is invisible by default, so use the show invisible files setting in the web host’s File Manager. Rename it so that you can see it on your computer, and then download it.

  • Check The Backup Files

When the backup is done, download the backup to your computer. Double-click to open. The backup is successful if you can find all of these things:

All WordPress core files: Download WordPress from and check if your core files match theirs. These files can reveal some important information about the hack.

wp-config.php file: It is a critical file with sensitive information. It holds the name, username, and password of your WordPress database. The restoration process needs this information.

.htaccess file: As we discussed earlier, this file is invisible by default. A good idea would be to view your backup folder with an FTP program or code editing application. FileZilla and Brackets are good tools. They allow you to view the invisible files within the application interface. 

The wp-content folder: It is a mission-critical folder. Three folders should be inside it if the backup is complete: themes, uploads, and plugins. Check the backup and find them. If you can find them, you have successfully taken the backup.

Database: Also, there should be an SQL file in the export of your database. 
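The core file check described above can be done by hashing rather than by eye. The following is an added example, not part of the original article: it compares the core files in an extracted backup against an extracted fresh WordPress download and lists files that were modified or that do not belong. The function names and the sample trees are hypothetical, and it assumes the fresh download is the same WordPress version as the backup.

```python
import hashlib
import os
import tempfile

CORE_DIRS = ("wp-admin", "wp-includes")  # core-only folders; wp-content is site-specific
IGNORE = ("wp-config.php", ".htaccess")  # created per site, absent from a fresh download


def file_hashes(root):
    """Map relative path -> SHA-256 for root-level files and everything in CORE_DIRS."""
    hashes = {}
    for dirpath, dirs, files in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root).replace(os.sep, "/")
        if rel_dir == ".":
            dirs[:] = [d for d in dirs if d in CORE_DIRS]  # do not descend elsewhere
        for name in files:
            rel = name if rel_dir == "." else f"{rel_dir}/{name}"
            with open(os.path.join(dirpath, name), "rb") as fh:
                hashes[rel] = hashlib.sha256(fh.read()).hexdigest()
    return hashes


def compare_core(backup_root, clean_root):
    """Return (modified, extra): files that differ from, or are missing in, the clean copy."""
    backup, clean = file_hashes(backup_root), file_hashes(clean_root)
    modified = sorted(p for p in backup if p in clean and backup[p] != clean[p])
    extra = sorted(p for p in backup if p not in clean and p not in IGNORE)
    return modified, extra


def demo():
    """Compare two constructed trees standing in for the backup and a fresh download."""
    clean = {"index.php": "<?php // front", "wp-includes/load.php": "<?php // load",
             "wp-admin/admin.php": "<?php // admin"}
    backup = {**clean, "wp-includes/load.php": "<?php // load\n// constructed injected line",
              "wp-admin/wp-tmp.php": "<?php // constructed unknown file",
              "wp-config.php": "<?php // constructed site config"}
    with tempfile.TemporaryDirectory() as b, tempfile.TemporaryDirectory() as c:
        for root, files in ((b, backup), (c, clean)):
            for rel, text in files.items():
                path = os.path.join(root, *rel.split("/"))
                os.makedirs(os.path.dirname(path), exist_ok=True)
                with open(path, "w") as fh:
                    fh.write(text)
        return compare_core(b, c)


if __name__ == "__main__":
    print(demo())
```

On a real site, call `compare_core` with the path of the extracted backup and the path of the extracted fresh download; every file in either returned list deserves a look before you rely on anything from the backup.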

  • Delete Every File in the public_html Folder

Once this verification is done, find the public_html folder and delete the files in it. Be careful not to delete the cgi-bin folder. Also, do not delete server-related files that are free from the hack. You can use the web host’s File Manager for this too. Other options are FTP and SSH if you are comfortable with them.

Cross infection is common on websites. Did you also have other websites on that same server? If yes, chances are those websites will also be infected. You need to clean them as well. The procedure would be the same. Take the backup, download the backup, and then do the following steps. 

It may sound challenging. Yet, it is better than trying to scan and find all the hacked files on the server.  

  • Reinstall WordPress

Using the one-click installer of your web hosting control panel will help you save time. First, reinstall WordPress at the original location of the WordPress install. Most probably, it would be the public_html directory. However, if WordPress was installed in an add-on domain, the actual location would be that add-on domain. When the new install is done, edit its wp-config.php file so that it uses the database credentials of your former website. This connects the new WordPress installation with the old database.

It is better not to re-upload the old wp-config.php file. The new one will be fresh and free of compromised code.

  • Reset Passwords & Permalinks

Once the new installation is done, you can log in to your website. Now, reset all usernames and passwords. Are there any users you do not know? If yes, your database has been compromised, and you should contact a professional to ensure there is no unwanted code in it. Depending on the situation, you either need to correct the old code or delete the old one and install the new one. It could be time-consuming, but it is essential.

Visit Settings, go to Permalinks, and click Save Changes. Your URLs will start working again, because the .htaccess file is restored when you save permalinks. Be sure to show invisible files while deleting files on the server, so that no compromised file is left behind. The hidden .htaccess file controls many things; for example, it can redirect people from your website to any other website. Make sure to reset all FTP and hosting account passwords as well.

  • Reinstall Plugins

You can use the WordPress repository or see new downloads from premium plugin developers. However, be careful not to install old plugins. Also, do not install plugins that are not maintained.

  • Reinstall WordPress Themes

Install your theme from a new download. However, you may have customized your theme files. How do you get those changes back? Well, this is why you take a backup. Refer to the backup files, and make the same changes again.

Do not upload the old theme. You will not be able to recognize the compromised parts. 

  • Upload Your Images From The Backup

This step is a little tricky. First, of course, you need your old images. It requires you to copy the images in the folder wp-content > uploads. But what if you also copy a hacked file during the process?

Carefully check every month and year folder. Ensure that there are only image files and no PHP or JavaScript files. Ensure there is no mysterious file you never uploaded to your media library. Sure, it will be a lengthy and time-consuming task. When you are sure that there is nothing wrong with the folders, use FTP to upload them to your wp-content > uploads folder.

  • Scan Your System

Make sure there are no trojans or viruses. 

How To Protect Your Website In The Future?

It may sound surprising, but human error is the main reason behind most security breaches. Basic safety measures can help you save your website. Let us discuss a few basic steps.  

  • Updates

The first thing to ensure is that you are always up to date. WordPress is regularly maintained and updated software. The system automatically makes minor updates. However, the administrator has to start the significant updates manually. 

  • Set Regular Backups

Losing all your data is almost a trauma. However, you can easily avoid it through backups. Daily or weekly backups make sure that you can quickly revert in case of a breach. However, the frequency of backups depends on how frequently you upload new data.

If you upload new data every month, you should also take backups every month. Or maybe you are publishing a new blog post every week. In that case, you need weekly backups. 

  • Only Use Official Platforms

WordPress is an open-source platform. That is why there are so many insecure plugins and themes in the market. Do not use any from public collections. Instead, go to the WP plugin directory. There you will find both free and paid plugins.

  • Find The Best WordPress Hosting Service

A good WordPress hosting service will install server-level firewalls even before WordPress installation. It also installs intrusion detection systems. Good service providers know everything about WordPress security and provide everything you need. 

  • Scan Your Website Regularly

Not all cyberattacks will suddenly stop your access to the WordPress dashboard. Sometimes, attacks work behind the scenes. Your website usually keeps working, but you face unexpected performance issues. In addition, the website may behave suspiciously, or you may lose traffic suddenly. So, it is essential to scan the website from time to time.

  • Enable WordPress Firewall

It is your first and foremost line of defense. Enable the WordPress firewall and ensure that you install the SSL certificate.

Wrapping It Up

The best defense against cybercrimes in 2022 is proactive behavior. So have the systems that are constantly checking everything. 
