From the perspective of both end-users privacy and website ranking, security is an integral factor. It’s reported that 70% of Alexa’s top 1 million websites are vulnerable to malware attacks. Security is something that you have to look at routinely. A lot of website hacks are attributed to the outdated core, malicious plugins & themes, and weak passwords.
As a creator, various methods help you strengthen your WordPress security. However, what to do in case your website has already been attacked? In this article, we’ll look in-depth at how you can detect malware in your WordPress website and cure your site of these malicious files.
What are malware attacks & how you can fix them?
WordPress is perhaps the most popular CMS for creating websites. Experts review the website builder of WordPress to embed a site with many integrated security protocols. Apart from WordPress, there are various CMSs like Joomla, Magento, Wix etc. You can even read Site Creator review, Magento reviews or wix reviews in order to find out the most secure option available for you. With popularity spike, WordPress has seen a 170% growth in malware attacks in the past couple of years.
Malware essentially is malicious software and codes that infect and spread within a system. From redirecting traffic from your site to other websites to completely shutting down a site, malware can seriously damage your website. These malwares are sneaked in the system either through outdated plugins & themes, malicious code snippets, breaching password protections, or even through malicious media file uploads.
Fixing the problem
There are two effective ways of dealing with a malware infection. Either you can use a plugin to fix your malware problem or manually detect and remove malware infection.
Plugins are quick and easy to use but less effective than the manual process. Plugins usually scan for malicious codes and files and remove them from the system. Before using a plugin, it is best to create a complete backup in case something goes south.
Some great plugins offer over-the-top features, enhancing the security and performance of your site.
- Astra Security Suite
These plugins are great in case you really want to invest in your security. Their premium is affordable and allows you for multiple scans and removal without charging you each time. However, in case you are looking for a free plugin, SecuPress is a great option.
In case the site has crashed completely, manual removal is the sole choice. While manually removing the malware, you interfere with your core files and database. Therefore, it is slightly sensitive.
1 – Run a complete backup
The first step is to create a complete backup of your website. If you can login to your site, use a backup plugin to create an entire backup and download it on your hard disk. Go to Tools>Export and export the XML file of your content.
You can also create a backup via your web host. You can create a backup using the web host’s file manager. Create a zip archive of your wp-content folder and download it to your hard disk.
Also, it is vital to download your .htaccess file. This is an invisible file, so while launching your file manager, turn on the option to show Invisibles.
2 – Examine the backup
The downloaded backup of your website will contain the following files:
- WordPress core files
- wp-config.php file
- .htaccess file
- wp-content folder
- Database files
Once you have the complete backup of your server on your hard disk, visit the file manager on your web host. Delete the files in yourpublic_html folder which are likely to be infected. However, you can skip the cgi-bin folder and server-related folders as they are not likely to be corrupt.
3 – Re-installation and Reset
Deleting the public-html files removes WordPress from your server. Re-install the latest version of WordPress by one-click install feature in your web hosting control panel. We need to reconfigure and reset some of the files so that you have access to your former database credentials.
You need to edit your wp-config file by referencing your old file from the downloaded backup. It is not wise to reupload the old file as it may again infect the system with malware.
Now, you must be able to login to your website. The first thing you want to do is to reset all your previous usernames and password as they might be compromised by now. In case you see a user, you don’t recognize, immediately revoke access. Reset your FTP and hosting account passwords as well.
Now to get your previous URLs to work again, simply go to Settings > Permalinks >and click Save changes.
4 – Reinstall plugins and themes
With your site access restored, your usernames and passwords reset, old infected files deleted, and URLs up & working, you are ready to reinstall your theme and plugins to bring back structure to your website.
We recommend that you do not install plugins and themes that are outdated, not compatible with the current WordPress version, or do not receive regular updates.
5 – Reupload media files
There is no shortcut to go around this bit. You need to manually go through every folder by date and check for malicious files in your database. You need to remove all the malicious files from the wp-content folder before reuploading them to your server. This is a tedious process but is important or else you will compromise all the progress you have made so far.
6 – Run security check
By now, you must have your website back in shape. In case you were not thorough with the above process, then this step will be the last check on it.
Install a good security plugin. You can choose one from the ones we mentioned above. Scan your website for a final examination. This helps you close the ends you might have missed.
How to prevent malware attacks In future
Kudos for having your site secured. Now you must be wondering what you could have done differently to avoid this whole circus altogether. A lot of blogging tutorials on security miss out on these basic measures.
- The first line of security is your login password. Ensure that it is not a predictable password. Keep a strong and unique password.
- Ensure that your web host offers SSL Security, automatic backups, network monitoring for suspicious activity, preventing DDOS attacks, etc.
- Install a good security plugin that can run automatic routine scans and alert you in case of a breach.
- Update your WordPress, plugin and themes to their latest version.
- Change file permission to 644 and folder permissions to 755 instead of a generic 777.
- Hide the wp-config file by moving it to the root directory i.e your_host/wp-config.php.
Creating and managing a website is hard work. Many hopes, effort, and energy are invested from your end. Securing your website is the key to last longer and healthier online. Numerous hackers can take down your website or cause some irreversible damage. You must always have preventive measures in place.Guides like this one and professionals can help you come out from bad places. However, prevention is always better than cure.