WordPress websites often fall malware attacks that embed malicious code into a site’s files or database and can leave a website owner feeling lost and vulnerable. Sometimes you will even get an email from your hosting provider letting you know that your website has been hacked or contains malicious code that needs to be addressed. Once this occurs, knowing where to go and what to do next can seem like a daunting task. Here is a list of websites to help you get started on determining if your WordPress website has been hacked, and what to do if so.
Sucuri Site Check
Sucuri offers website security services to help prevent malware attacks in the first place – however – what we find most helpful is their free site check scanning service. You can easily scan your site’s homepage to see if there is any bad stuff there.
VirusTotal is an online scanning service that allows you to upload specific files or scan a url on your site for malware. This is another great tool to use with Sucuri because it checks a ton of different malware services to see if they have your site listed as containing malware. So you are not just trusting one source, but many. Furthermore, if you think a specific file may have malware in it, you can isolate that file and upload it to the VirusTotal scanner.
WordFence is a popular WordPress security service that runs as a plugin and will set up all sorts of high-level security measures to protect your website. They have a premium feature on top of their free service as well however we really like the free-to-use scanner that comes with the plugin. WordFence allows you to scan your entire WordPress website and database for malicious code or bad links to external sites that could be harmful to your visitors. Once the WordFence scan completes you can also ask it to automatically remove any malware that was found. This isn’t a perfect fix but is a start to getting rid of the malware.
These three site scanners should get you started on removing malware from your WordPress website. It is important to note that there is no single automated silver bullet to fix a malware attack and the only way you can be certain your site is clean is to hire a professional. At WP Merlin we can help you remove malware from your infected WordPress website and as long as you are on one of our maintenance plans we will guarantee your site stays clean. Contact us to get started.