Cleaning Malware from the website is not an Easy Task. There are many signs that show that your website has been hacked Ex: It is redirecting to other Websites URL, If Google Detected Malware it will block Your Website with error ( “Malicious content Ahead” ), and also there are some files which remain undetected but it may attack your website by accessing from backdoors.
How To Identify Malware in Your Website Files.
Malware can be found in any of the files of your website ( PHP, HTML, Database and any other areas ). To detect malware in your website install & Activate Wordfence plugin and start scanning your website it will take some time to scan all your files, once it is complete it will show Issues Critical & Warnings ( Ignore Theme, Plugins, WordPress Update Issues as they are just Warnings ) Check the files and locations Where Critical Issues Occurred Wordfence will show file name with its location and Malware code which gets added in that file.
How To Remove Malware From Website
If you are going to attempt to clean the site yourself, here are steps I recommend:
Step 1: Create Backup of all files and Database
Files Backup : The first step is to make a backup of all your WordPress files and folders this is because we are deleting all WordPress files Except ( wp-content folder and wp-config.php ) in very few cases Some Plugins and Theme will be not compatible with Latest Version of WordPress in that case we will restore That plugin or theme from backup.
Database Backup : Make Backup of your Database from phpmyadmin.
Step 2: Reinstalling Theme and Plugins
Now Our next step is to Reinstall Theme and Force Update all Plugins( Note: Delete Unused Themes and Plugins ).
Theme Reinstallation: Download the fresh copy of your theme zip file and reinstall and activate your theme. If you had customized your theme note the changes and replicate on the fresh copy of theme (Note: Don’t Update Theme ).
Force Update Plugins: Force Update your plugins it means that if an activated plugin is of latest version still it is forced to be Updated. Use BAW Force plugin Updates WordPress Plugin to force all plugins to get updated.
Step 3: Replacing WordPress Files and Folders from cpanel/filezilla Except ( wp-config.php, wp-content, and verification files )
Which files to be deleted?
Delete all WordPress Files and folders except ( wp-config.php, wp-content, and verification files ) even you haveto delete .htaccess file which is hidden. you can make it visible from settings > show hidden files and folders.
Why do not delete wp-config.php, wp-content, and verification files?
wp-config.php: This is the file from where you will connect WordPress with database if you delete this file then you will get an error “error in establishing database connection”, if you find any malicious code in this file then remove manually.
wp-content: As the name indicates this is the folder where all of your website content is stored, Your Thems, Plugins, Media Files etc so if you delete this folder then your website will be gone.
Verification Files: Verification files are to verify that you own your domain and server, some of the verification files are: google webmaster file, Email verification file etc. if these files are present in public_html then don’t delete.
Download Latest version of WordPress from wordpress.org website and Upload in public_html.
After Uploading WordPress in public_html, extract that zip file it will create the folder called WordPress copy all files from WordPress folder except wp-content folder and move to public_html.
Step 4: Save permalinks and scan Website
After Replacing WordPress files login in WordPress sometimes it will ask you to Update WordPress Database Hit ok now you will see your WordPress dashboard.
The first thing you have to do is Save permalinks because you have deleted .htaccess file which is responsible for website links you will see 404 error if you visit any page so it is necessary to save permalinks to recreate the .htaccess file.
Now scan again in Wordfence to check if the website is cleaned or not. After doing all steps definitely, the website will be cleaned and you will see no more critical issues.
Alternately if you are not getting emails because of malware Attack scan your website in MXtoolbox if it is blacklisted in some sites Request for review where your website is blacklisted.
Similarly, scan your Website in Scuri and Request for review where your website is blacklisted.
Step5: Request for Review in Google Webmaster Tools
Now last and final step is to request for review in google webmaster tools. if you have not added your website yet in webmaster tools first add It and follow steps.
- Goto Your website by clicking on your domain name.
- You will see a dashboard at left click on security issues
- from security issues check “I have fixed this issue”
- Click on Request for review, a popup will open tell how you resolved issue click on request for review button.