Has your WordPress website been hacked? You are not alone. Hackers are continually looking for vulnerabilities and attempting to exploit them. The good news is that the team at WordPress is also working hard to find and eliminate vulnerabilities, and provides those updates for free.
Regardless, if you find your website infected with malware, removing it is no easy task. This is why we highly recommend using a professional service. Yet, if you would like to attempt to do it yourself, here is a list of steps.
1. Perform a Scan of your Computer – WordPress vulnerabilities are not the only way hackers gain access to your website. It is fairly common for a virus to leak your passwords. So, the first thing you need to do is ensure you are virus-free.
2. Change the Password for your cPanel/FTP – Many professionals will recommend using a long password made up of random characters, with at least 1 special character like ! # < &, and a mix of lower and uppercase letters plus numbers. This is generally overkill. A password like “Alltheleavesarebrown” is easy to remember and next to impossible to crack.
3. Examine your Backup Files – At this step, you want to make sure none of your core files have been modified. Many hosting companies will perform regular backups that you can use to compare, or there are plugins that can perform the task. With the backup, you can revert the site to its original state.
4. Delete All the Files in Your WordPress Folder – It is best to start with a clean slate. Log in to your cPanel and, using your File Manager, completely delete all the WordPress files in your installation location. In many instances, this will be the public_html folder. But, if you used another location, select that specific location and delete the files.
5. Reinstall WordPress – WordPress’ famous one-click installer makes this the easiest step in the process. In fact, your hosting company may have an installer that will make the process even easier.
6. Change your WordPress Password – During the one-click installation process, you have the opportunity to set a password. It is best to use a completely new password. Yet, if you missed changing the password, updating it is easy.
7. Reinstall Themes and Plugins – Reinstall all plugins from the WordPress repository or with a fresh download from your plugin developer. Next, reinstall a fresh download of your theme and replicate any changes needed in the fresh copy. Do not use the old theme. You may not be able to spot whether its files have been hacked.
8. Restore your Backup – Restoring from a backup is the most recommended method. This will keep you from having to manually clean hacked database files. Regardless, you will still want to look for unfamiliar WordPress users and remove them.
9. Remove Google Warning – Now that your site is free of malware, you can submit your site to Google to remove the “This site may harm your computer” warning. Create an account for Google Webmaster Tools, add your site, click on Health, and then click Malware in order to request a review.
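
The file comparison described in step 3, as an added example that is not part of the original article: a Python script that hashes every file in a known-good backup and in the live WordPress folder, then lists files that were modified, added, or are missing. The two directory arguments are assumptions about where you keep the backup copy and the live copy.

```python
import hashlib
import sys
from pathlib import Path


def hash_tree(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue  # only regular files are hashed
        h = hashlib.sha256()
        with path.open("rb") as fh:
            for chunk in iter(lambda: fh.read(65536), b""):
                h.update(chunk)
        digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests


def compare_trees(backup_dir, live_dir):
    """Report how live_dir differs from the known-good backup_dir."""
    backup = hash_tree(backup_dir)
    live = hash_tree(live_dir)
    common = backup.keys() & live.keys()
    return {
        # Same path, different content: a file changed since the backup.
        "modified": sorted(p for p in common if backup[p] != live[p]),
        # Present only on the live site: files that appeared after the backup.
        "added": sorted(live.keys() - backup.keys()),
        # Present only in the backup: files deleted from the live site.
        "missing": sorted(backup.keys() - live.keys()),
    }


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: python compare_trees.py <backup dir> <live dir>")
    report = compare_trees(sys.argv[1], sys.argv[2])
    for kind, paths in report.items():
        for p in paths:
            print(f"{kind.upper():9}{p}")
    # Exit status 1 when any difference was found, 0 when the trees match.
    sys.exit(1 if any(report.values()) else 0)
```

Run it before the delete in step 4. Uploaded media will normally show up as added, so review that list for files you do not recognize.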