From The Very First Version Of
Wordpress, To The Latest, There Have Been Hundreds Of Updates Available - Some
Of Which Patch Very Big Security Holes. Over The Last Few Years The Term
"Malware" Has Been Used In Conjunction With recover
wordpress site That Have Been Compromised (Hacked) Through One Of These
Security Holes. While Malware Is Typically A Term To Describe A wordpress virus
removal With A Payload On A PC, The Term Is Now More Often Used To
Describe A (Wordpress) Website That's Been Infected With SEO Spam, Or Malicious
Scripts Or Code.
The Best Prevention For wordpress malware
removal Is Simply Keeping It Up To Date. As New Releases Become
Available, Perform The Upgrade As Soon As Possible. In Addition, Also Be Sure
That Your Installed Theme And Plugins Are Up To Date As Well.
While Updating Wordpress Is Great
Preventative Medicine There Are Multiple Additional Things That You Can Do To
Further Protect Your Website:
Be Sure To Remove Any Plugins
That You Aren't Using (That Are Deactivated). Even Unused Plugins Can Be A
Security Risk. Also, Be Sure To Only Leave Installed Plugins That Have Had An
Update Within The Last 12-18 Months. If You're Using Plugins Older Than That,
They May Not Be Compatible With The Latest Version(S) Of Wordpress (Or Your
Theme) - And They Could Have Security Holes As Well.
How Old Is Your Wordpress Theme?
If You Purchased It From A Developer, Check And See If There Is A Recent Update
Available For You To Install. If You Have A Custom Theme (Or Even One You Coded
Yourself), Be Sure To Have It Reviewed By A Competent Developer Or Security
Expert About Once Per Year To Ensure It Doesn't Have Security Holes.
You Should Install And Configure
One Or More Popular Wordpress Plugins To Secure And Harden Your Website (Beyond
The 'Out Of The Box' Setup). While Wordpress Is A Very Mature And Secure
Platform, You Can Easily Add Multiple Additional Layers Of Basic Security By
Changing Your Admin Username, The Default Wordpress Table Name, And Security
Against 404 Attacks And Long Malicious URL Attempts.
If You Think Your Wordpress
Website Has Been Hacked Or Injected With Malware, Malicious Scripts, Spam
Links, Or Code, The First Thing You Should Do Get A Backup Copy Of Your Website
(If You Don't Already Have One). Get A Copy Of All Files In Your Webhosting
Account Downloaded To Your Local Computer, As Well As A Copy Of Your Database.
Next Install One Of The Many Free
Malware Scanner Plugins In The Wordpress Official Free Plugin Repository.
Activate It, And See If You Can Find The Source Of The Infection. If You're A
Technical Person, You Might Be Able To Remove The Code Or Scripts On Your Own.
Be Sure To Check All Your Theme Files, And You Might Also Need To Reinstall
Wordpress.
If Your Wordpress Core Files Are
Infected One Of The Best Ways To Remove The Source Of The Infection Is To
Delete The Entire Wp-Admin And Wp-Includes Folders (And Contents) As Well As
All Files In The Root Of Your Website. Inside The Wp-Content Folder Delete Both
The Themes And Plugins Folders (Keeping The Uploads, Which Has Attachments And
Images You've Uploaded). Since You Have A Local Copy Of Your Website, You Can
Reinstall The Theme And You Know What Plugins Were Installed.
The Best Thing To Do At This
Point Is To Download A Fresh Copy Of Wordpress And Install It. Use The Local
Copy Of The Wp-Config.Php File To Connect To Your Existing Database. Once
You've Done This, Before Reinstalling Your Theme And Plugins You Might Want To
Login One Time To Your Wp-Admin Dashboard And Go To
"Tools->Export" And Export And Entire Copy Of All Your Content,
Comments, Tags, Categories, And Authors. Now (If You Want) At This Point You
Could Drop The Entire Database, Create A New One, And Import All Your Content
So You'd Have A Completely Fresh Copy Of Both Wordpress And A New Database.
Then Last, Reinstall Your Theme And Fresh Copies Of All Plugins From The
Official Wordpress Repository (Don't Use The Local Copies You Downloaded).
If These Steps Are Too Technical
For You, Or If It Didn't Remove The Source Of The Infection, You Might Need To
Enlist The Help Of A Wordpress Security Expert.
If Your Website Is Important To
You, Or If You Use It For Business - It's Important That You Protect It As If
It Were Your Physical Business. Would Would Happen If Your Website Were Down Or
Out Of Commission Tomorrow? Would It Hurt Your Business? A Little Preventative
Medicine Goes A Long Way:
Make Sure You Have A Working And
Tested Backup Solution In Place (This Is What Most Businesses Would Call A
Disaster Recovery Plan). There Are Many Free And Paid Plugins And Solutions To
Accomplish This For A Wordpress Website.
If You Don't Have A Wordpress
Security Plugin Installed, Get A Highly Rated And Recently Updated One From The
Official Free Plugin Repository Today To Protect Your Website. If You Aren't
Comfortable Doing This On Your Own Or Don't Have A Technical Website Person,
Then Hire A Wordpress Consultant Or Security Expert To Do It For You.
No comments:
Post a Comment