If you stumble across the situation to deal with compromised websites and malware present in your hosting then probably the best thing to do is to turn to a professional. This can either be an experienced WordPress developer or it can be a security company. However, if you decide that you can do it on your own you can give it a try and follow this basic plan.<\/p>\n
1) Before you start it is recommended that you restrict access to your site and allow access only for your IP. This can be done via the .htaccess file and you need to add the lines at the top of the file:<\/p>\n
Where IP_ADDRESS is the public IP that you will use to access the site.<\/p>\n 2) Then create a backup of the current state of the website plus the database and download them locally on a device that you will conduct the cleaning. The easiest way to do that will be via FTP. Or you can also use tools such as scp, get, and rsync.<\/p>\n 3) Once the website files are downloaded you can then scan them with your antivirus program or with another scan tool. There are also online scanners that allow you to upload and scan files. Most of the time the infected code is easily recognized as it is heavily obfuscated and nothing similar to the other code. It is also recommended that you take a look at your .htaccess file, the wp-config.php file, functions.php file, header.php file and look for any suspicious redirects and URLs set.<\/p>\n 4) Reinstall and remove all the plugins. Then install them again with their latest versions.<\/p>\n 5) Reinstall the theme and then re-install it again with the latest version.<\/p>\n 6) Once you have cleaned the files run a local scan on them once again to make sure there are no more infected files. And you can then again re-upload the clean version plus the database into the document root of your server\/hosting and do not forget to remove the deny rule from the .htaccess file that we set in point one.<\/p>\n Besides, it is very recommendable to consider the following actions:<\/p>\n \u2013 Scan your local computer for any malware;<\/p>\n \u2013 Reset all passwords related to your hosting account (including cPanel, FTP accounts, Email accounts);<\/p>\n \u2013 Use strong passwords;<\/p>\n \u2013 Remove any unnecessary data within your account \u2013 that includes scripts, media, plugins you are not using, and themes that you are not using;<\/p>\n \u2013 Double-check your permissions \u2013 with few exceptions, your data should have permissions 644 for files and 755 for directories;<\/p>\n \u2013 Update your WordPress and plugins\/themes accordingly<\/p>\n \u2013 Make regular backups. Most hosting companies are making backups however it is also recommendable that you make backups on your own and store them locally or on another server. And always have at least one copy of your site that you know for certain is not infected.<\/p>\n","protected":false},"excerpt":{"rendered":" If you stumble across the situation to deal with compromised […]<\/p>\n","protected":false},"author":1,"featured_media":13881,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[142],"tags":[],"class_list":["post-8534","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-wordpress-common-issues"],"acf":[],"aioseo_notices":[],"aioseo_head":"\n\t\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\tdeny from all
\nallow from IP_ADDRESS<\/code><\/p>\n