Through this guide step by step I will give you a website malware removal help from your WordPress .To do this you need to do some things that are simple to thoroughly clean, well sure you deal with a file manager or FTP.
Let’s clean and secure your WordPress.
Step 1: Scan your computer
Malware can infect your WordPress in several ways, one is through your computer because they have a virus that has been able to capture the password of your FTP. This is more common than you think. The first would be to check that our team is virus free.
We can perform scans with specialized tools such as Malware Bytes , and we can double -check with other antivirus like AVG free or NOD32 you can buy in our website Do in Virus Protection .
Step 2: Change your password control panel and FTP
Now we have proven that our computer is free of viruses, you should change the password of your control panel (Plesk, cPanel, …) and FTP passwords. Must ensure that the new password is completely safe, I recommend using at least one special character! % # & <, And you combine it with uppercase, lowercase and numbers. You would want to make it easy so you can use this generator password safe online that I have developed for you.
An example would secure password for example: WDmY ^) aZ1L !.
Step 3: Download WordPress
Download the latest updated version of WordPress the official site in Castilian.
Step 4: Unzip the files
Now uncompress and extract the zip or tar.gz files you just downloaded to your computer.Leave files for now. Then we come back to them for use.
Step 5: Let’s eliminate the infection Malware
Connect to your file manager or better by FTP panel.
You should see a list of files and folders like this:
Removes all you see except the folder wp-content , and the configuration file wp-config.php .
Now in your installation directory you will have only this:
Now we need to edit the file wp-config.php to check that has no extraneous code or something out of the ordinary. If this file is malware sure to see some pretty long random string of text. You can compare a bit with the file wp-config-sample.php but are safe.
Now we go to the folder wp-content . Where you will see something like this :
Make a list of plugins that are currently using, then remove 100% folder plugins and the fileindex.php . You will have to reinstall all plugins again downloading from the official repositories for security after completion of the cleaning process.
Now it is the turn to the templates folder in themes , and the first thing is to remove the templates you do not use. You have to check each file in the current template safety one by one to check that contains no malware or strange codes. Also if it’s a subject you can re-download from the official website can be a good idea to replace previous copy or record of the changes that have to apply later. In this case you could delete the folder 100% themesto restore the clean copy of your template.
Check now all directories inside the folder uploads to make sure that no PHP executable file type, if there have to remove it .
Step 6: Back up WordPress
Now we use the copy prepared in Step 4 and can upload the new WordPress via FTP.
If you have deleted the template reminds you’ll need to back up a clean copy.
Step 7: Change Password administrator and reinstall your plugins
Now you should have access to your desktop, and from there change the administration password. Remember to always use strong passwords and also recommend to your users that use them . You should not use password like “gatito77” or “Belén Esteban”. If you do it is very possible that sooner or later put it easy for you to hack again.
If you do not like random passwords as K% 39Dj; dk4 $ d, you can also set up a password that you can remember and is safe as David $ 97MiCasa44 ;. But using a complex password should be one of your priorities.
In my case I use password managers to help remember all the passwords and my favorite is1Password .
Step 8: Remove warnings from Google
Now that you are free from malware is time to tell Google that we have solved the problem to not show the ugly message that our site is potentially dangerous . You have to login or create an account in Google Webmaster Tools , add your site, click on Security Issues , and from there to request application for review.
I hope that now your site is safe and clean!