WordPress Malware on my website and how I removed it.
One day I went to check on one of my websites that I don’t visit much, but I was surprised with a Google warning like this.
It freaked me out. I didn’t have a clue what happened or what to do about it. How did this wordpress malware get on my website? I did a little research to learn how to remove the malware from my website, but nothing I read was working. One thing I read said to change my theme that helped for a while, but the wordpress malware came back.
A wordpress malware on my second website.
I got an email from a visitor of one of my other websites telling me I had a Google malware warning popping up on that website. NO WAY! Not again! Yes I had another website hacked. Now I had two websites with a wordpress malware virus. This was now a very big problem. I have about 10 websites of my own plus several websites that I manage. How was this happening and how do I stop it? In Google webmaster tools I was able to request a new review of my sites but they kept comeing back as malware warnings.
I contact my hosting company Airs Webhosting for help. They did a scan and found and removed issues on both of my websites. I was so relieved. But that did not last long. The wordpress malware warning was back. I was get very scared and frustrated at this problem. After 2 weeks of back and forth with my hosting company removing problem codes, the problem just kept coming back after every fix. The hosting company finally told me the theme had been hacked and I needed to delete wordpress and rebuild both of my websites. There had to be a better way. Both my websites where getting a lot of traffic and had a lot of first page Google rankings. Starting over was not exciting to me.
WordPress Malware removal by wordfence
I did some more research and found a plug-in called Wordfence by Mark Maunder. I adding the new Wordfence plugin, but when I tried to do a scan it would not scan. It was showing “system overload paid members only”. I was not confident the plug in would work seeing as my hosting company could not find and remove the problem how could a plugin? So I gave up on that and started copying all my files and getting ready to rebuild the sites. Late on Sunday night I got an email from the wordfence plugin showing the results of the Wordfence scan and it did not look good. I logged into my dash board and went to the pluggin scan. Wordfence had found a bunch of changes to my php files and theme files that were coursing the wordpress malware to keep coming back. It seemed that my website was hacked through the C-panel.
Here is a copy of the wordfence email.
“Wordfence found the following new issues on “”.
Alert generated at Sunday 28th of October 2012 at 04:47:06 AM
* WordPress core file modified: wp-content/index.php
* WordPress core file modified: wp-content/themes/twentyeleven/author.php
* WordPress core file modified: wp-content/themes/twentyeleven/content-single.php
* WordPress core file modified: wp-content/themes/twentyeleven/editor-style.css
* WordPress core file modified: wp-content/themes/twentyeleven/functions.php
* WordPress core file modified: wp-content/themes/twentyeleven/header.php
* WordPress core file modified: wp-content/themes/twentyeleven/inc/theme-options.php
* WordPress core file modified: wp-content/themes/twentyeleven/languages/twentyeleven.pot
* WordPress core file modified: wp-content/themes/twentyeleven/showcase.php
* WordPress core file modified: wp-content/themes/twentyeleven/style.css
* This file may contain malicious executable code”
Use Wordfence to remove your wordpress Malware and other issues.
WordFence is a free WordPress security plugin with a that will scan your website looking for viruses, malware, Trojans and malicious links. Wordfence also has a paid premium options also. If you used Wordfence to fix your wordpress malware the money you spend on the upgrade is well worth it. Having the ability to remove any wordpress malware and virus with the click of your mouse is worth the $17.95 a year. WordFence will also protect your site from scrapers, aggressive robots, fake Googlebots, along with brute force attacks.
In the Wordfence plug-in interface you have very easy to use, drop down where you can select options and provide an email address to receive alerts about any problems.
Wordfence gives you the option to do a manual scan, this is the scan that would not run for me, or you can wait for the system to do a scheduled scan. The first time I tried to run a scan it would not run because it was at a high use time of day. Wordfence with run a scheduled scan on a regular basses at low traffic times of the day. Cince uploading the wordfence wordpress malware plug-in I did three other scans late at night and they all scanned without a problem. As a paid member you can schedule your scans and you will also get priority over free members scanning.
WordFence is a great plugin if you want to increase your WordPress Security.
I would recommend Wordfence to anyone as a great proactive measure or for anyone that finds their website effected with a wordpress malware Google warning.
Chief Inspiration Officer
Fighting the forces of mediocrity.