• Nibelungenpl. 1, 60318 Frankfurt am Main, Germany
  • Mon-Fri: 09.00am - 10.00pm

How to remove malware from WordPress website

Nowadays WordPress is becoming the most popular Content Management System(CMS) in the web development field. The number of WordPress users and developers is increasing day by day. So the hackers and the spammers are interested in WordPress website hacking and injecting malware. So as a business owner, website owner or website developer you must know how to remove malware from WordPress websites and ensure the security of your website.

There are many reasons for ensuring website security. Hackers can hack your website using malware. The spammers can show his ads or something like that using malware. So to maintain your security and website quality you should remove malware from your WordPress websites.

You can remove malware from WordPress websites in many ways. Today I am describing the best and easiest way to remove malware from WordPress websites.

If you are unable to log in your WordPress dashboard then read this article How to remove malware without log in WordPress dashboard.

WordPress Safety

Before knowing about WordPress malware removal we should know how to be safe from malware in WordPress.

  • Please use the updated version of WordPress.
  • Update all of your themes and plugins.
  • Try to use as few plugins as possible.
  • Before installing any plugin check the active installation and reviews are more than 4 stars.
  • Always use plugins from wordpress.org *
  • Avoid using nulled versions or GPL version themes or plugins. Because most of the malware attack is done by nulled themes and plugins. Hackers add some files and backdoors code for accessing the admin panel with the nulled themes and plugins. So it’s the most important part to be safe from malware attacks in WordPress.

01. Scan Your Website

The very first step of the malware removal process of a WordPress website is to scan the vulnerability of the website. You can do this using different websites and plugins. Let’s check from a website first. This is the link to a website security check tool.

If you have any difficulties warning like this. Next Go for the next step.

WordPress Malware Check  remove malware from WordPress
WordPress Malware Check

Also Read: How to boost up your wordpress website speed

02. Install an Anti Malware Plugin

There are many malware scanning and removal plugins in the WordPress directory. Here are the few best plugins.

  • Wordfence Security
  • Sucuri WordPress Security Plugin
  • Astra Security Plugin
  • Hide My WP
  • Anti-Malware Security
  • WebARX Security
  • MalCare Security
  • All In One WP Security & Firewall
  • WP Antivirus Site Protection
  • Quttera Web Malware Scanner

You can use any of them. Today we are going to talk about the Wordfence Security plugin. Because this is very easy to use. Because there are some instructions about how to solve those issues which you have on your website. Please install -> active and let’s work on this.

Wordfence Security
Wordfence Security

03. Custom Scan Settings to remove malware from WordPress

Before starting scanning please make a setting like us. It will help you scan your website compactly. Let’s change the scan settings.

  • After activating the Wordfence Security plugin you will get a new option in the WordPress dashboard named Wordfence.
  • Firstly go to Wordfence -> Scan -> Manage Scan
  • Secondly there you will find an option named Basic Scan Type Options from select High Sensitivity
  • Thirdly go to the General Options section and make sure all the available options are selected.
  • Fourthly go to the Performance Options and mark the Use low resource scanning option.
  • Finally, the settings you will see the scan type is custom. That means you are ready to scan. Click on the Start New Scan button.
Select Scan Type
Select Scan Type
Preference Options
Preference Options

Save Changes

Start Scan

04. Find Out the Malware & Issues

You are on the final step to Remove Malware from the WordPress website. After completing the scanning process. You can see a clear result on your website. Where the malware and affected files are located. There might be two types of warning you will see. One is medium and another is critical.

The critical issues should be fixed as soon as possible. Medium issues are recommended for fixing. There you will get some instructions on how to fix the problems and remove the malware from WordPress. Most of the time there are two types of issues, one is malware files and another is the backdoor code. You have to fix both of them.

05. remove malware from WordPress Website

Firstly you should delete these files which do not belong to WordPress files. Such as wp-tmp.php and wp-vcd.php. This file can be found in the wp-includes folder of your public_html folder or your home directory folder. If you have any confusion about which files should be removed which not. Just copy the file name and search on google you will find the solution. Once you will delete all the malware files. Then go for the next and more important step.

06. Remove Backdoor Codes From WordPress Website

Hackers add some codes for accessing the website admin panel. Most of the time they include the code with the functions.php file. Leave this where they added. Because the plugin is already showing these to us. Let’s learn how to remove this.

  • Firstly expand The issue and click on the View Differences button.
  • Secondly, you will show the changed part on the new tab like this.
  • Thirdly download the file from the cpanel and open the file using any code editor like vs code, sublime text or notepad ++
  • Fourthly remove the changed part from the code and save this.
  • Finally, upload the file and replace the file.
Backdoor Codes remove malware from WordPress
Backdoor Codes

Do this for every changed file. By following these steps you can remove the backdoor codes from WordPress.

Since your WordPress, Themes and Plugins are already updated you will not show any issue.

Again rescan your website so that you can ensure that your website is safe from malware.

Leave A Comment

Your email address will not be published. Required fields are marked *

Subscribe to Our Newsletter for the Weekly Updates.

Select the fields to be shown. Others will be hidden. Drag and drop to rearrange the order.
  • Image
  • SKU
  • Rating
  • Price
  • Stock
  • Availability
  • Add to cart
  • Description
  • Content
  • Weight
  • Dimensions
  • Additional information
  • Attributes
  • Custom attributes
  • Custom fields
Click outside to hide the compare bar