Complete Guide to Clean an Infected WordPress Site
As with any other online property, such as social media accounts, your website may be infected by malware and other attacks. So with this comprehensive guide to cleaning up an infected WordPress site you will know exactly what to do.
Activate maintenance mode
Table of Contents
Enabling this mode will indicate to both users and search engines such as Google that there is unwanted activity on the site, which will prevent you from gaining a bad image.
There are several ways to activate WordPress maintenance mode, the simplest is by installing the WP Maintenance Mode plugin, which can be downloaded directly from the official WordPress site.
Identify the problem
The next thing is to run a diagnosis to identify exactly what the problem is. To do this, you can use sites like Sucuri or Google’s diagnostic website, both of which can perform a diagnosis via the WordPress site link.
Once you have the result, you should contact your hosting provider to inform them of the problem, as the problem may have affected other sites on the same hosting network.
Analyze your equipment
It is likely that the attack originated through an attack on your computer, so it is important to check if it is still infected and, if so, remove any viruses or malware that are affecting you.
This requires installing a good quality antivirus that will scan and clean your computer. Among these we can recommend Kaspersky Antivirus and Panda Global Pretoection.
Make a site backup
Before starting any changes to your WordPress site, it is recommended that you make a backup of the entire site, in order to avoid the loss of information.
Change passwords
To restrict attackers access to and prevent further damage to the site, the next thing to do is to change the password for all users.
When doing this, it is recommended that you verify which users are registered as administrators. If you find users who shouldn’t be there, delete them immediately.
Clean files and directories
Now, to clean the files you must follow these steps:
- In case of using cache plugin, disable it and clean it .
- Install the WordFence plugin and run a check.
- Download your theme from the / wp-content / folder and edit as directed by the above plugin.
- Update the versions of the other WordPress plugins that you have on your computer.
- Download the most up-to-date version of WordPress and unzip the file into a folder. Then, access your WordPress files with an FTP and, after sorting by date, compare with those downloaded to identify and eliminate malicious code.
- If you cannot remove the codices, replace everything in your files with the downloaded ones, with the exception of the / wp-content / folder, the .htaccess file, and the robots.txt file .
- Request a review of your site through Google Webmasters.
- Once finished, disable maintenance mode.
An attack on WordPress can be scary, but the important thing is to stay calm and attack the problem as soon as possible. With the help of this comprehensive guide to cleaning an infected WordPress site , you will have no problems, but you can always enlist the help of a professional if you are in doubt.