In this article, I will try to tell you how to get a virus on the WordPress site, how to detect viruses, how to do WordPress virus removal and how to make your site more secure. Please note that the viruses that infect sites can vary widely and I will talk about the most common situations in this article.
You should be very careful and remove any potentially infected files by overhauling the original WordPress files while removing viruses from a WordPress site. Of course, you should not delete the default WordPress files when doing this. Be sure to compare the WordPress files you will download from WordPress.org with your own files.
How does a virus infect a WordPress site?
WordPress is an open source web interface that codes are added and developed by thousands of users around the world. Therefore, sites can be infected by plugins and themes that are not developed with robust firewalls. We can list the most common problems as follows:
- Unlicensed (warez) theme or plugin usage
- Write permission errors of your public_html files and folders
- No WordPress, plugin and theme updates
- Easy to guess admin username and password usage
- Keyloggers and viruses that infect your PC
How to Detect a Virus on a WordPress Site?
The files and folders in the image above are the defaults of WordPress. Make a comparison of the files by going to the main directory where your WordPress site is installed, and if you see a file or folder with a different name, check it first and then delete it. Please note that WordPress plugins only create some files and folders inside the wp-content folder. So if you see a different file or folder in the home directory, delete it.
In addition, check your .htaccess file and wp-config.php files in the main directory. Some viruses can also infiltrate these files and from there they can provide some control on your site. If the .htaccess file is not visible, you can say show hidden files from CPANEL> File Manager> Settings.
Online Virus Scan
There is a great app to scan your website for viruses online. Enter your website address by visiting the Sucuri SiteCheck site. Then click the Scan Website button to start the scan. If your website is infected, this site will show you the viruses online. Even if it cannot locate it exactly, you will at least have checked for viruses on your site. If there is a virus, you can take action accordingly.
Virus Scanning with Plugin
There is a great security plugin developed for WordPress. Our plugin is called WordFence. In addition to taking security measures on your site, this plugin also performs an instant virus scan. Download the WordFence plugin from the official WordPress plugin site. Then install the plugin on your site and activate it.
After activating the plugin, go to the Wordfence> Scan menu in our WordPress administration panel and press the START NEW SCAN button. As in the image below, the files and folders you see Critical error are infected. Clean them with peace of mind.
How to Clean WordPress Virus?
There are several different ways to clean up viruses that hit the WordPress site. The most effective methods are manual and plugin cleaning. If you are not familiar with doing these applications, get help from a WordPress support professional.
Manual Virus Removing
In general, I manually clean the viruses that infect websites. It is a simpler method and the probability of making mistakes is almost zero. In the manual cleaning process, we delete the WordPress default files and add new ones. What you need to do for this:
- Download the original WordPress files to your PC
- Open the .zip folder and delete the wp-content folder
- Connect to your server with CPANEL or FilleZilla
- Go to the (usually public_html) folder in the home directory
- Delete all files except wp-content, wp-config.php and .htaccess
- Upload your downloaded WordPress folders and files to the server
Please be very careful. Because if you delete or overwrite wp-content, wp-config.php and htaccess files, you may lose everything on your site. Before starting these processes, make sure to make a backup of your site.
We will have cleaned the infected files on our site with this process. Check all of your themes> YOUR THEME and plugins> YOUR PLUGINS in the wp-content folder and install new versions if possible.
Virus Removing by Plugin
You can detect viruses and clean your site with the Wordfence plugin I mentioned above. The biggest advantage of this plugin is that it overhauls all your theme and plugin folders compared to manual browsing. You will not be afraid if there is a virus on my site with this way. You can use the free version according to your budget or you can choose the premium version with more advanced features.
This plugin installs in English. If you have any problems about installing and using the plugin, ask me in the comments field.
How to Secure Your WordPress Site?
You can follow these steps to detect and block WordPress security vulnerabilities:
- Hire a good hosting company
- Install SSL on your site (security certificate)
- Turn off access to files and folders with htaccess
- Turn off file editing with wp-config.php
- Manage permissions of files and folders
- Always keep your themes, plugins and WordPress up to date
- Make sure to delete unused themes and plugins
- NEVER use unlicensed plugins or themes
- Use a security plugin
- Use a unique username and password (avoid the admin username)
- Restrict entries
- Hide WordPress admin panel and login link (wp-admin and wp-login.php)
- Use Google Captcha
- Close your site to new registrations
- Use Akismet or turn off your site in comments
For now, that’s all I have to tell you about WordPress virus removing process. If you have any questions please join me in the comments section.
