How to remove malware and virus from wordpress blog

Like this post? Post Comment, Download and Subscribe RSS

by Jimmy on May 23, 2011

Today I am writing how to remove malware or virus from your wordpress blog or any website. This is very serious issue these days all most every site going infected with malwares and many companies earns by remove these viruses. I removed all viruses form my wordpress blog uptomark.com.
Please note these steps to remove viruses.
1-    Make ftp connection and god to root directory where your wordpress blog hosted.e.g uptomark is directory name in my case.
2-    Sort files “Last modified”. You see the date of files. Those are created just 5-10 day before and  names are like human.php,   werr.php . These are just fake names. remove these files.  The original file list which is wordpress blog files are listed below.
wp-app.php
wp-login.php
wp-signup.php
wp-mail.php
wp-comments-post.php
wp-settings.php
wp-feed.php
wp-activate.php
wp-cron.php
wp-links-opml.php
wp-load.php
wp-trackback.php
wp-pass.php
wp-rss.php
wp-rss2.php
wp-commentsrss2.php
wp-atom.php
wp-rdf.php
wp-register.php
wp-blog-header.php
wp-config.php
index.php
don’t remove these files these are necessary files.
3-    Enter you website in this link https://www.google.com/webmasters/tools/malware?hl=en&siteUrl=http://www.youwebsite.com/ to see which files are infected and find out using ftp.
4-    Some time original wordpress files is edit and and virous code embaded inside. Then you should open the file and see which code is embaded remove this e.g in my case “img heigth=”1″ width=”1″ border=”0″ src=http://wrongsite.net/t.php?id=15900016 ” .
5-    These are some wordpress folders  “wp-admin” , “ wp-content”, “wp-includes” check one by one same procedure. Please note that if these folders contains “index.php” file the remove it. Index.php should not be there.
6-    You can check all viruses are removed or not just go to http://sitecheck.sucuri.net/scanner/ and scan your website.
7-    When all malware and viruses removed then https://www.google.com/webmasters/tools/malware?hl=en&siteUrl=http://www.yoursite.com/ to review request to google to remove your site from block list.

What saftly procetion are used to protect your website by these malwares.
1-    Install updated antivirus and scan your pc before creating ftp ot sftp connection.
2-    Use sftp instead of simple ftp.  ftp is not much secure.
3-    Please only use necessary wordpress plug-in. Remove unwanted plug-in, sometimes these plug-in give a way to virus to reach at your website.
4-    Make strong username and password of your account and change frequently.
If you interested to read more about this read more http://25yearsofprogramming.com/blog/20071223.htm

If you feel any suggesting or any help please free to contact on jimmy@uptomark.com

Leave a Comment

Previous post:

Next post: