HODL & Earn Crypto with Miny! - Earn passive income by holding Bitcoin, Litecoin and Ethereum in a smart wallet that leverages funds to secure AI powered mining hardware! The easiest way to make money in crypto, period.

Removing Viruses and Malware from WordPress

Posted by namanrastogi on May 6th, 2020

Removing Viruses and Malware from WordPress

WordPress with viruses? See in this article all you need to know about virus removal in WordPress. 

How to remove viruses from WordPress?

Security is something that every website or blog owner needs to keep in mind at all times. If it's a WordPress website, blog or e-commerce the concern needs to be redoubled! And the reason is simple: the immense popularity of WordPress as a publishing platform.

Preventive measures


  • Keep WordPress secure and customer domain plugins automatically updated. Except in cases of code problems on the site; 

  • Use strict firewall and web-firewall settings to prevent unauthorized persons from improperly accessing the site;

  • Active and collaborative lists of malware blocking, bad bots, and other measures that we will not detail for reasons of discretion.

However, blogs and websites hosted on shared server do not have the same type of security. As well as there is the possibility of a site being invaded because of problems on the administrator user's machine. That without knowing it, allows an intruder to take control of your site as if it were a legitimate access.

However, it cannot be stressed enough that the WordPress platform is secure. As long as the owner of the site uses strong passwords and keeps WordPress and plugins properly updated to the latest version. Therefore, the site does not "catch" viruses, even.

WordPress blog infection vectors

Well, the main vectors of WordPress blog infection are: 

  • Compromised workstations: the problem is not even with WordPress, but the fact that third parties have access to the site administrators' computer. Getting access to everything the person does. In this case, malware in WordPress ends up being a terrible side effect.

  • Unsafe file permissions: a poorly configured server may allow code to be sent to inappropriate locations. And executing them can open doors for intruders to take control of the site or even the entire server.

  • Weak passwords: the passwords used on the site (or FTP/sFTP) are so weak that an attacker can easily discover the site access credentials. 

  • Pirated plugins or themes: it is quite difficult to audit third-party code for undocumented or unexpected activities. Something that non-experts can even do. Codes of dubious origin are often the main vectors of invasion, opening "doors", installing spamming mechanisms, fake pages, and all sorts of illicit activity that can destroy a domain's reputation.

  • Free but unapproved plugins or themes: a template or plugin doesn't need to be pirated to be a malicious code carrier. It is common for some less scrupulous programmers to "obfuscate" parts of the code so that it is impossible for a human being to interpret what those lines do. These are plugins that would never enter the official directory because there is a need for the code to be clean and easy to read. This alone does not guarantee that there are no bad plugins in the official WordPress repository. 

Risks of keeping a WordPress infected

A WordPress site with a virus ultimately represents the risk of an entire workload of months, years of reputation building and traffic being destroyed in a few days.

Search engines, especially Google, for being the largest and most significant in terms of traffic, punish infected domains. Both by moving them to the last results pages or even removing them entirely from the index, and by marking sites as unsafe. Making browsers show an alert page discouraging visitors from continuing to access. 

Indications that the blog was infected

WordPress Virus Removal

The main "symptoms" of virus infection (malware) on a WordPress site are:

  • Impossibility to login to the site;

  • Google notifies Search Console (Webmaster Tools) of the presence of malicious code;

  • The site may become totally defaced ("defacement") or only some elements may leave the place, breaking the usual layout;

  • Google results may show text that is not from your site, even in other languages or alphabets; SEO Spam or Keyword Hack

  • Files may disappear without explanation;

  • Unwanted redirection to third party sites, regardless of their content (theft of visits);

  • Sending spam from your server;

  • Appearance of false pages from financial institutions;

  • WordPress redirecting to other site
  • White page of death.

How to remove viruses from WordPress

First of all, so-called "security plugins" are often ineffective at cleaning a contaminated blog. Most of them only serve to occupy space, consume processing resources and give the false sense of security. This is when the plugins themselves are unsafe, adding vulnerabilities to WordPress.

However, there are some steps to be taken to definitively solve the WordPress virus problem. The entire procedure should be done from machines proven to be uninfected. 

Exclusion of any theme or plugin installed in the blog

Usually blog owners are terrified at the announcement that it is necessary to remove all plugins and themes to reinstall these components from their official repositories, with known clean copies.

The loss of possible customizations made to the theme is the price to pay to have the blog clean again. Usually this step is enough to solve the virus problem in WordPress.

Exclusion of non WordPress files

It is also necessary to proceed with the deletion of any files not belonging to WordPress. Since crackers usually store their backdoors (programs that release remote access to the server) with names easily confused with the WordPress files themselves.

Database Analysis for Hidden Code in Blog Settings

It is also essential to search the database for hidden code in widgets or in the titles and texts of posts. Custom fields are also often easy places to hide malicious code.

Avoid reinfection

At this point, having taken all the steps described above, it is likely that the site or blog no longer has any viruses or malware. But it is necessary to take extra care and watch the access logs carefully to make sure that there are no unnoticed points of invasion left. 

What to do after removing the WordPress virus

After removing the virus or malware from WordPress is necessary: 

  • Remove all unnecessary or unrecognized users;

  • Change the password of all remaining users;

  • Rename wp-login.php (what our customers can do using Monica for Customers);

  • Generate new "salts" (encryption keys) in wp-config.php;

  • Submit reconsideration requests to Webmaster tools (Search Console, for example) which, after identifying the fix of security problems, can return the domain's previous reputation.


Also See: Wordpress Virus, Wordpress Site, Malicious Code, Wordpress Files, Wordpress, Site, Plugins

WordPress Plugins and Themes - WP Marketer Tools
WordPress Themes and Plugins To Help Grow Your Online Business and Make It More Efficient.
CryptoTab Browser - Easy way for Bitcoin Mining | CryptoTab Browser
CryptoTab Browser is the world's first web browser with built-in mining features. Familiar Chrome user interface is perfectly combined with extremely fast mining speed. Mine and browse at the same time!

Quality Office Furniture USA Shipped Direct - Madison Liquidators
Nationwide vendor of quality office furnishings including Desks, Office Chairs, Conference Tables, Cubicles and more!

Claim 1 FREE Stock! No Purchase Necessary!
You have a 100% chance of receiving one free stock! Click to claim and have a chance to get one share of Facebook, Visa, Microsoft and others for free!

Advertise Here