Wordpress Malware - How do I remove it?

Question

Today I went to my wordpress site which is self-hosted and I got a warning in Chrome saying \"Attackers currently on keitarotds777.onlinepharmacy24h.net might attempt to install

Answer 1

This is a common problem in non secure worpress sites. Plz check the main files in your host like index.php,Header.php, footer.php, functions.php in all themes may be you can see some codes like this <?php eval(gzuncompress(base64_decode('eNrtfWt72za')) ?>

Manually clean the codes from the file.Site will work fine. After clean up insall wp security plug-ins like file monitor. wordfence security. all in one wp security and monitor the activities properly, add the injection prevention codes in .htaccess files. Block the directory listing in wp and change the file permission from 777 to suitable for your server.

Answer 2

As to how to remove this malware: it is very difficult. I had to deal with it, and it infects many of your files. You could grab your data and images from your server, which are not infected; delete everything, reinstall Wordpress, and back your data up.

How to protect yourself? Read a lot about WordPress. Certain versions are victims of exploits, so up/downgrade if there is such trouble. Cheers and good luck with the mess.

Answer 3

There is no hard and fast rule to defend your WordPress installation against all types of malwares but there are certain basic measures that can be taken to make yourself safer from MOST of the threats like keeping your WordPress core/plugins/themes up-to-date, moving to a better hosting, deleting old unused plugins/themes, installing some security related plugins etc. Go through the official WordPress tips for hardening your WordPress installation for further tips.

Moreover, when it comes to security related plugins, you can use Theme Authenticity Checker OR Exploit Scanner plugins for automatically detecting potential malicious files. You can also try the free scan service of Sucuri. Once you are done with the identification of the corrupted files, you can replace them with their official counterparts which you can get from WordPress.org.

To improve your defense against common threats further, install WordPress File Monitor Plus plugin - as it emails each time some file is changed. This will allow you to quickly revert any changes that some malware/script makes in the future and iThemes Security plugin that provides "30+ ways to secure and protect your WordPress site".

Note: WordPress security is a very broad subject and you will primarily find opinion-based answers from different experts!