Malware is a big headache for every WordPress blogger. Due to malware attacks, most of the bloggers are losing their website traffic and money. You need not worry if you know about the process of WordPress malware removal. I will brief you on how to remove WordPress malware.
We can remove the malware in two methods. One is installing WordPress malware removal plugins and another one is WordPress malware removal by manual.
Depending on your malware attack type you can choose the right method. Suppose if your website has malware, and you can access you, WordPress admin, then you can remove the malware by installing WordPress Malware Removal Plugins. So this is not a big task for you. You can easily do using the plugin. If you don’t have an idea about Best WordPress MalwareRemoval Plugin you can go through my previous post.
OK let me come to the important point. Suppose you can’t able to access your WordPress admin, and the hackers removed your access than what will you do? How to install a WordPress malware removal plugin? Now you can remove the malware by manual. I am here to show you how to remove WordPress malware by manually through step by step process.
7 Steps to Remove Malware from WordPress Site:
Step 1: Take backup whole websites
Before we start we need a current working copy. So first you need to take the backup of the files and database. You can take backup by using two methods. One is Taking backup using a file manager and another one is using Backup Plugin. If we can’t access WordPress admin than we have to use file manager to take backup.
Using file manager you need to download all the files under the public_html folder and save it on your computer
Step 2: Analyse the files and run the scan
Once you downloaded the files next step is to open the files and compare them with original WordPress core files. So that you can find modified and affected pages. Run your local computer virus scanner to find malware and remove it.
Step 3: Remove the WordPress core file
Malware generally at the default files of WordPress. So you need to remove all the files and the folders except wp-config.php file and wp-content folder. Almost 80% of malware is removed on this action. What next to remove the remaining 20% malware. The remaining malware is sitting on the folder of themes, uploads, and plugins.
So our next step is open the wp-content folder and note down the list of installed plugins names and remove all the subfolders of plugins. Once done open the uploads folder and check is any other new files are added? If yes, open that file and examine whether that is a correct file or any malware files. Remove if it is malware.
Step 4: Download the WordPress core files and Re-install the WordPress
Download the WordPress core files from the www.wordpress.org and freshly install it on your server. Refer to your old wp-config.php files and make changes to the newly installed wp-config.php file.
Step 5: Reset WordPress password and load old database
This is the time to reset your password. To reset the new password. The next task is the main and important task. That is loading our old database.
Replace your old database to the new one. Except for the database tables wp-users and wp-user meta.
So we copied all the previous contents and URLs through the database table.
Step 6: Reinstall plugins and Themes
We are having a list of old plugins and themes. So freshly install those plugins and themes now. So our next step is loading images from an old backup.
Step 7: Copy images from your backup
We already examined and scanned the wp-content->uploads folder. so our next step is to copy every file of uploads folder and paste it newly installed wp-content->uploads folder. We were Done. Now check your website. We removed all the malware.
The final process is protecting our website from future malware attacks. Prevention is always better than cure. Am I correct? Ok, so you need to install security plugins. Also check whether you have installed anti-spam, back up and malware removal plugins. These are very important to protect your websites from malware and spam.