Home Education A Do-It-Yourself guide to Malware Detection and Removal

A Do-It-Yourself guide to Malware Detection and Removal


Malware attacks can bog down your website to the point of affecting its performance. It can also make visitors to your website vulnerable to fraud and other online crimes by exposing them to malicious parties. It is important to address malware attacks as soon as they are detected.

For many people, detecting and eliminating malware can be a problem because they do not have the technical skill to identify these malicious snippets of code or the capacity to take care of the problem. WordPress malware removal can be easily done through a series of steps to help detect and eliminate malware, as well as fortify your website against future attacks.

These are a few tips to help make your malware removal process successful.

Be prepared to take down your website

Most malware attacks will be developed with a goal to carry out certain malicious activities covertly. If you suspect that your website may have been infected by malware, you should be prepared to take it down. Your visitors may become vulnerable to the malicious code, which could affect your website’s credibility and affect future traffic levels.

Taking down your website may have costly implications for your business or brand. However, exposing your visitors to malicious software could prove to be even more detrimental to you. If you suspect that your website has experienced a malware attack, taking down your website could be the most important step to fixing the problem.

You should weigh the risks involved in taking down your website during an attack, as well as the function of the malware. If it repeatedly generates spam content onto your site, it can be easily managed without having to take extreme measures. If it serves any other function, such as redirecting visitors, collecting user information or advertising, you should take down your website immediately. This will help keep it in check, as well as save the credibility of your site.

To do this, you may create a “Website under maintenance” page and name it 503.php, after which you should add it to your .htaccess file. This way, all visitors to your site will experience a friendly maintenance page instead of making themselves vulnerable to malware.

You need more than a cookie cutter list

Your web host may provide a cookie cutter list to help you know when your website is under a malware attack. The same case applies to Google, who will offer a similar list during an attack. For some users, these lists will help you take care of the problem. However, their success rate is usually too low. Very few people have an understanding of their Content Management Systems (CMS) and even fewer are willing to risk making changes to their database when one wrong move could cost you important website files or your entire database.

Instead of following only the specifications in the cookie cutter list, you need to consider a comprehensive approach. For starters, you should find a great malware detection system. Most online services that claim to protect your site from malware offer little more than the ability to detect certain types of malware. You may consider premium services dedicated to detecting and eliminating malware from your site instead. If you cannot afford these, you should consider using Google. The Google Chrome browser will help detect malware faster than most other services.

Having a trustworthy malware detection service will work well with the cookie cutter list. you can use it to check on the success of your attempts to eliminate malware, making tweaks until your whole site is malware free.

Change your passwords

Your website’s security could be fully dependent on your passwords. If malicious parties inject malware to your website, they could access these passwords and gain administrative control. If you want to prevent hackers from taking advantage of your website any more than the malware they may have already injected, you need to change all passwords associated with your website.

Your database password, FTP account login details, hosting control password and your WordPress administrator panel details should be at the top of your priority. You need to also change e-mail passwords associated with your site. These limits the access hackers have on your site, which will be important in removing malware and protecting yourself in future.

Take regular WordPress backups

You should always take regular backups for your WordPress site to help you store valuable data that may come in handy. While it is better to do so before a malware attack, making a backup even after an attack will help you create a restore point for your website. You can do this through your FTP, where you back up your entire WordPress content.

There are a few files unique to your installation that should be part of any back up. The wp-config.php, .htaccess, favicon.ico and robots.txt will help you restore your database and regain server control. You may also consider taking back ups of your database since it contains all your content, comments and pages. Taking regular backups will help protect you in case your site experiences an attack. You may schedule these for at least once a month, or before any upgrade process.

Manually check folders and files

While this can be tedious, it may be a great earning step to help you detect and remove malware from your site without any help. You may consider checking folders for malicious files and files for malicious code.

You could download the latest WordPress code and look through it to understand the basic installation code and files. Having done this, you will understand the basic and non-malicious files that are required by your website’s build. You should then access your webs server and compare the two.

Any unusual file placements, such as a css.php file in your installation directory could be signs of a malware attack. NOSCRIPT and IFRAMES tags are popular amongst hackers as tools to insert malicious code onto websites. You may consider looking for these tags, such as through executable files (featuring .exe and .cmd extensions), or unusual scripts.

You should also look for and do away with strange code, unusual numbers, characters and letters and symbols which may not be considered similar to the rest of your site’s coding. Hackers will encrypt their code to make it impossible to detect.