Cleaning Malware from the site isn’t an Easy Task. There are numerous signs that show that your website has been hacked Ex: It is diverting to different websites, If Google Detected malicious content in website it will block your Website with error ( “Malicious content Ahead” ), and furthermore there are a few files which stay undetected however it might attack your site by from indirect accesses.

How to identify malicious files?

Malware can be found anywhere in your WordPress files and folders ( PHP, HTML, Database and any other areas ). To detect malicious files in your website install & Activate Wordfence plugin and start scanning your website it will take some time to scan all your files.

After full scanning of the website, it displays  Critical issues & Warnings ( Ignore Theme, Plugins, WordPress Update Issues as they are just Warnings ) check the files and their path where wordfence is showing critical Issues .

How to make a malicious free website?

Step 1: Create Backup of all WordPress files and Database

Make a backup of all your WordPress files and folders this is because we are deleting all WordPress files Except ( wp-content folder and wp-config.php ) in very few cases if the theme is not compatible with the latest version of wordpress you can revert back to your old WordPress installation.

Database Backup : Make Backup of your Database from phpmyadmin.

if you don’t know how to make a copy of your database click here

Step 2: Reinstalling Theme and Plugins

Theme Reinstallation: Delete your theme and download the latest version of your theme zip file, install & activate the theme.

If you have customized your theme or made any changes copy that same changes in your latest theme.

Force Update Plugins: Force update all your plugins including which are of latest versions. Use BAW Force plugin Updates WordPress Plugin to update plugins which are of the latest version.

To force update all plugins you have to disable javascript of your browser because in WordPress now plugins are updated without page gets Load, in this case only plugins which have an update released are updated. So it’s good to disable javascript of your browser to force update all plugins.

Step 3: Replacing WordPress Files and Folders from cpanel/filezilla Except ( wp-config.php, wp-content, and verification files )

Which files to be deleted?

Delete all WordPress Files and folders except ( wp-config.php, wp-content, and verification files ) even delete .htaccess file which is hidden goto settings > show hidden files and folders to make it visible.

Why do not delete wp-config.php, wp-content, and verification files?

wp-config.php: This is the file responsible to connect WordPress with the database.

if you have entered wrong database credentials you will get an error ” Error establishing database connection “.

If you find any malicious code in this file then remove it manually.

wp-content: As the name indicates this is the folder where all your media files, themes, and plugins where present. If accidentally you delete this folder your website will be screwed.

Verification Files: Verification files are used to verify that you own your domain and server, some of the verification files are: google webmaster file, Email verification file etc. if these files are present in public_html then don’t delete.

Download Latest version of WordPress from website and Upload in public_html.

Extract WordPress zip file it will create the folder WordPress.

Copy all files from WordPress folder except wp-content folder and move to public_html. if you move wp-content folder then it will overwrite with old wp-content folder and all your data will be lost.

Step 4: Save permalinks and scan Website

After Replacing WordPress files login in WordPress sometimes it will ask you to Update WordPress Database Hit ok now you will see your WordPress dashboard.

The first thing you have to do is Save permalinks because you have deleted .htaccess file which is responsible for website links you will see 404 error if you visit any page so it is necessary to save permalinks to recreate the .htaccess file.

Now scan again in Wordfence to check if the website is cleaned or not. After doing all the steps definitely, the website will be cleaned and you will see no more critical issues.

Alternately if you are not getting emails because of malware Attack scan your website in MXtoolbox to check if it is blacklisted.

Similarly, scan your Website in Scuri and Request for review where your website is blacklisted.

Step5: Request for Review in Google Webmaster Tools

Now last and final step is to request for review in google webmaster tools. if you have not added your website yet in webmaster tools first add It and follow steps.

  1. Goto Your website by clicking on your domain name.
  2. You will see a dashboard at left click on security issues
  3. from security issues check “I have fixed this issue”
  4. Click on Request for review, a popup will open tell how you resolved issue click on request for review button.

Now you have successfully Cleaned Your Hacked Website.