Malware, or malicious software, is any application or document that’s harmful to a computer user. The malware contains computer viruses, worms, Trojan horses, and spyware.
The time needed: 3 minutes.
Stop Malware from taking over your website.
Table of Contents
Backup your website
If you make a mistake, your website is gone forever. So back it up somewhere safe!
Eliminating the Malware
Login into your website via FTP
You should see a bunch of files that look similar to this:
wp-admin
wp-content
wp-includes
index.php
license.txt
readme.html
wp-activate.php
wp-blog-header.php
wp-comments-post.php
wp-config.php
wp-config-sample.php
wp-cron.php
wp-links-opml.php
wp-load.php
wp-login.php
wp-mail.php
wp-settings.php
wp-signup.php
wp-trackback.php
xmlrpc.php
Delete everything except for the wp-content folder and the wp-config.php file.
I repeat: DO NOT, by any circumstances delete wp-content or wp-config!
Now your folder should look pretty empty, with only these two left
wp-content
wp-config.php
Check the files and folders for random / odd looking code.
In wp-content folder. You should see:
plugins
themes
uploads
index.php
Delete and upload a fresh copy of your plugins.
Remove any themes you aren’t currently using.
Be careful that you don’t permanently remove any parent themes used by children themes.
Upload WordPress
Upload everything in the fresh WordPress download except for wp-content (this is the file you downloaded in step 1)
I repeat: DO NOT replace / overwrite the wp-content folder. I normally delete from my computer so I don’t accidentally upload it to the server.
Change Passwords + remove unrecognized users
Change the passwords for your users. Removing any users you do not recognize.
Check file permissions
Folders need to be set to 755, Files 644, wp-config.php 600, .htaccess 600.
If you understand SSH, you can use the settings below to automate the process of updating your folder permissions. Update the commands based on your server file structure.
If hackers keep gaining access to your WordPress website, or you are unable to remove the Malware, please contact me and I can help you.