One of my friends came to me one day with an urgent request for help. He thought that his WordPress blog had been hacked.
I opened the page in Firefox and immediately encountered the alert warning that the website was blocked by Google since it was distributing Malware.
It looks like the image to the left of this post.
The problem was fixed after doing some research and using a few tools to get rid of some bugs.
This is a very common problem these days that can be easily dealt with. The key to controlling Malware lies in the following three steps:
Identifying the malware is the very first step that needs to be followed. For this purpose, you may use some of the tools below as a first step into finding the Malware.
• Google Diagnostic Page – With the help of the following URL, a user can find information regarding the malware. However, this information is very general in nature. To find out if your site has been blocked by Google or contains malicious Malware you need to enter this url => http://www.google.com/safebrowsing/diagnostic?site=http://www.your-own-website.com
• Sucuri Site Check – It is a free online scanner that can be out into the website address for the purpose of analyzing it for Malware problems. If the site is clean, it will verify instantly. On the contrary, when there is Malware, it will report the same. There are dozens of other online scanners that have more in-depth scanning capabilities and options. This was one is just real quick and gives you answer fast before you investigate further.
Don’t forget depending on your hosting service, they can offer to scan your sites for Malware as a courtesy or for free. I use Hostgator and they are very good about doing this when I make the request.
• Wordfence WordPress Plugin – Wordfence is a free security plugin that offers anti-virus scanning for WordPress blogs. It scans the entire page and lists the malware. The user is easily able to identify the fields that have been infected.
Once the user has successfully identified the files that have been infected, it becomes very easy to fix the malware.
• Wordfence, the WordPress plugin can be used for fixing this problem.
• Search every file that contains “eval(base64_decode”. Mark all these files. This is a common Malware virus that usually gets injected into WordPress blogs.
• Remove the code from index.php or other infected files. Make sure to backup your database should in case you have to delete a large number of files.
• Once you have removed the Malware from all the files, scan again with the help of the Wordfence or your hosting provider in order to make sure that there are no more files infected on the blog.
You will also need to remove your site from Google’s blacklist. For this purpose, you must use Google’s webmaster, tool for submitting a review request. If there is no such request, your site’s status will be cleared after several weeks.
After having successfully removed the Malware, you need to follow a few steps so that you don’t encounter this problem again.
These steps include:
• The first and the most important step is to change all the passwords.
• The second step is to upgrade the WordPress version. It is best to use the latest version for optimum performance.
• You must also change the theme files to php or js. So that they become read-only. If they are still writeable, you will again encounter the same problem.
Some other extra steps if you are like me is use the “Use Limit Login Attempts” plugin. This plugin limits the rate of login attempts by an attacker by brute force or by way of cookies, for each IP specific address.
I would be cautious about using contact forms that are generated through WordPress plugins. Attackers can definitely sneak Malware through this route. There are services out there like Wufoo Forms you can use as an alternative.
There is no question that your WordPress blog is very important to you. That’s why it is imperative you put in place a backup solution or a first line of defense against viruses and attackers. There are several plugin solutions out there that would help you accomplish this task so finding the right one will be key. You must also install and configure a WordPress plugin that will serve to secure and harden your WordPress blog against attackers looking to compromise your blog.
WordPress is a very secure platform in itself when updated frequently. Just remember you can start some basic security measures by changing usernames and passwords that are hard for anyone to guess.
If you don’t have a WordPress security plugin already installed, you can get the latest one from the official free WordPress repository.
Hopefully this post helps you out as it did for my friend. If you have other security options that you use to bullet-proof your WordPress blog against Malware attacks, please share them in the comments!