7 Steps For Malware Removal From Your WordPress Site

By October 4, 2019 October 6th, 2019 Tutorial

Getting the malware by using illegally themes and plugins or setting up an easy password are the normal things with WordPress websites. Malware removal is the most critical thing you need to do when your website gets one of these problems below:

  1. The homepage will change to the warning page to show that your site was hacked.
  2. The website sends the awful emails or spam to your host while the admin doesn’t know that.
  3. Websites contain the affiliate links with the ads of sexual drugs, gambling or phishing scam.

And, when your website gets one of these problems, the hosting suppliers will block your site. It is easy to avoid your website being hacked by using legal products, or complicated passwords or setting up iThemes Security. One more tip, you should choose a hosting company that uses CloudLinux like AZDIGI, StableHost, A2Hosting.

What can we do when your website is hacked?

You can ask a help from some developers. Or in this article, I will guide you on how to reset your site.

The Steps To Build Up Your Website From The Scratch

Step 1: Build Up A New Website

Let’s install a new WordPress site in the host or localhost and use a new domain to make sure that you can access both the old site and the new site to compare the data.

After that, please open the folder wp-config.php of the new website and add the code below under <?php:

01 define('WP_HOME','http://example.com'); 02 define('WP_SITEURL','http://example.com');

Change example.com to the domain of your new site.

Step 2: Backup the data of the old site.

Firstly, access phpMyAdmin to export the database of the old site to your computer. If your host doesn’t have phpMyAdmin, you can use BackWPUp plugin to backup the database. Note that, need to backup the database only.

Secondly, download the folders including the uploaded images in /wp-content/uploads/ to your computer. If you use hosting, you can go to File Manager and use the Compress function to compress the folders, then download it to your computer. If you build up a new website on the same host as the old site, you only need to copy the data of the folders from the old site to /wp-content/uploads/of the new site.

Step 3: Import the old data to the new site.

This is an important step for malware removal. Access phpMyAdmin on the host (or localhost) that is running the new website and find the database of that new site, then click on the Import button and upload the file .spl that you have got from the first step.

(In case, if you get the error when importing the database, just create a completely new database, then import .spl file into).

After import data successfully, just look at the table data to see the prefix is wp_ or not. If you are using a prefix that is different from wp_, please open the folder wp-config.php of the new site, find $table_prefix then make wp_ become the prefix of the table data. For example, if you have a table data named 38dug_options in the database, just change to

01 $table_prefix = '38dug_';

After that, let’s upload the image folders from wp-content/uploads of the old site to the folder wp-content/uploads of the new site to be sure that all images will be safe. You can access the Media Library section to check if all images are there.

Step 4; Install the theme

You should use a paid theme with a legal license. Then install and activate it to your site. Install and activate the plugins included in the theme as well. These plugins are totally safe for your site.

Step 5: Upload the source code to the new website.

You need to do two steps below to backup the data. You can use BackWPup plugin to backup the data.

5.1 Backup and restore the source code of the new website to the host.
5.2 Backup database and restore the database on the host.
After that, open file wp-config.php of the new website in the host, then edit WP_HOME, WP_SITEURL to the address of the main website.
For example:

01 define('WP_HOME','http://example.com'); 02 define('WP_SITEURL','http://example.com');

This will make sure that you can access the new website according to the domain of the main site.

Step 6: Change the website’s address on the database

Now, we do to the sixth step for the malware removal. Just access the new website in the host, and install plugin Better Search Replace. After that, please go to Tools => Better Search Replace and find the old domain to change to the new one, then remove the tick of Run As Dry Run option.

Click on Run search/replace button. All the links will change to the new domain after that.

Final step: Set up the Security for your site

There are some ways to set up the security for your website:
7.1 Choose a complicated username and password
7.2 Use a theme with the license from the author
7.3 Use a good hosting
7.4 Update themes and plugins to the latest versions

Follow the steps above make the malware removal will get easier, and help your site work well soon. In case, if you still need help, feel free to leave a comment below or contact us, we are pleased to support you.

Leave a Reply