in Blog, website security

Ways to Remove Malware from WordPress Sites!

WordPress websites are trendy in today’s world. It is prevalent and easy-to-use thus, many people prefer to use WordPress for individual use and also for business purpose.   

WordPress has now become one of the most widely used tools. It allows us to successfully create webpages along with various plugins, templates, and themes. But this success of WordPress has brought a large number of vulnerabilities and risks with it too once such weakness is affecting WordPress sites with malware. 

The users neglect WordPress security to a great extent. Users can’t sit and update the site to remain protected. But you need to work consistently to fight such vulnerabilities. It is because, despite all the precautionary tips, the WordPress sites do get compromised with malware and play a havoc role with the website’s security and data.

The following article will discuss some ways by which you can remove malware from your WordPress sites. Let’s find out more about the removal of malware from WordPress sites.

Ten Ways to Remove Malware from WordPress Site:

Prevention is an essential part of protecting yourself against any vulnerability or threat. In other words, you must take specific preventions to remove malware from your WordPress sites and make it completely secure and protected.

The WordPress users should always update their site with the latest version available. It is because the newest version fixes WordPress vulnerabilities which were present in the previous version. There are other things too which users must do to remove malware in their site.

Following are ten steps or tips which a user must adapt to remove malware from their WordPress sites.

1. Scan your site:

The first and the most crucial step in removing malware from your site is to scan your website. Run your site to a scan to make sure that your website is being compromised.    It is recommended to scan your website periodically. You can do this either by using a WordPress security plugin or by using another scanning website.

2. Make sure you have a backup:

Before you proceed with malware removal, ensure that your website has a comprehensive backup plan. Having a backup plan is essential in cybersecurity. Therefore, you must have a backup plan which is updated regularly. You can also use different plugins for backing up your files. You must have done a backup at least once every month.

3. Check back up files:

Examine your backup files before you proceed further to remove malware from your site. This step is vital as it ensures that website backup is free from malware. Make sure that no data is missing. If you find that anything is missing then getting it from another source file and keep it ready. If by any chance you don’t have another copy of the missing data so, you have to work on it again. In this case, you can seek help from your host provider.

4. Format WordPress Folder

After backing up your files, format your WordPress folder. For this, log in your cPanel and go to the location where WordPress is installed and delete all your WordPress files. The WordPress files will be in the public HTML folder but if they are saved in any other location so, go there and delete them.

5. Re-Install WordPress

In the next step of malware removal, you need to re-install WordPress. You can do this by contacting your host provider or by logging into your hosting account. From there, select the WordPress tool tab where you will tell your admin name, password, and other required information.

Once you have verified the details, then click on “Install WordPress and later on the Refresh button on the next screen.

6. Change Your Password

Changing your password is imperative while removing malware from your site. When you re-install WordPress so, you need to use a password. Using a new password is always a good idea. It is because your site has been affected by malware, and it is possible that the hacker might know your old password. Therefore, always go for a new password.

Choose a password which is durable and has both upper and lower case alphabets along with numbers and special characters. If you have forgotten to change your password, you can do it merely going to reset your password.

7. Re-Install Plugins and Themes

Re-installing plugins and themes is an essential step for removing malware from WordPress sites. Since now your website will be on the default twenty-seventeen theme so, you can either re-install your original theme or can install a new one.

Remember if you are restoring your website from the backup, then you would have original plugins and themes. But it is up to you; you can install new plugins and themes if you want.

8. Restore Backup:

Now, restore your backup. You can use the same plugin which you used for backing up your website. Recover the site from the backup.

9. Again Scan Your Website:

It is a crucial step as you need to make sure that your website is completely free from malware or not. You need to go for a scan once more. For this reason, you can use any of the available plugins or websites for the removal of malware.

10. Submit Site for Google Review:

After you have restored your site and scanned it, then submit it for Google review to get the warning message removed. All you need to do is to log on to your Google Webmaster account, next select your website, select Health, go to Malware, and then choose review request.

Write a Comment



  1. I was suggested this blog by my cousin. I am not sure whether this post
    is written by him as nobody else know such detailed about my trouble.
    You’re wonderful! Thanks!

  2. Hmm is anyone else having problems with the images on this blog
    loading? I’m trying to find out if its a problem on my end or if it’s the
    blog. Any suggestions would be greatly appreciated.