WordPress Malware Detection, Plugins & Removal
Posted on December 18, 2014
Has your WordPress site been hit by the recent spate of MalWare attacks? The recent wave of WordPress malware attacks, dubbed the SoakSoak.ru malware has taken advantage of an exploit found in the Rev Slider plugin. This plugin is very popular and in February some security concerns were identified and addressed. The reason why the soaksoak Malware has become an issue now is because end users didn’t update their plugin and we are where we are today, with tens of thousands of WordPress sites impacted with malware. Some people speculate that this malware may float around the web for years to come given how widespread it already is.
So, how can you detect this malware? What plugins should you use to sort out your site and how can you remove the bugger? Read on!
WordPress Malware Detection
If you have your site connected to Web Master Tools (and, you really should have!) then Google will notify you if/when they detect malware on your site. Once Google detects it it then puts warnings on your site like the one on the right which really isn’t great. They also add a warning to the SERPs page which will cause your CTRs to fall off a cliff. Ideally, if your site has malware, you want to detect it before Google does.
If you haven’t received a warning but want to check you can use the the Sucuri Sitetest to detect malware on your site. You can also use Aw Snap File Viewer to also test to see if there is any malware on your site, this tool can also isolate where the malware code is to make it easier to remove.
If the worst has come to pass and Malware is detected on your WordPress site then it’s time for the malware removal protocols to kick into gear! You can do it!
WordPress Malware Removal
Don’t be too daunted by the prospect of having to do some malware removal from WordPress, once you get into it it’s not too challenging and there are just a few steps you should follow.
- Contact your host to let them know you’ve found Malware. Ask them if they can help with the Malware removal or if they have any stable backups that you can roll your site back to.
- Take the site offline so as not to allow malware to spread.
- Change all passwords for e-mail, cpanels, WordPress logins etc.
- If you’ve been able to roll back then submit a request to Google via WMT to review your site and lift the malware warnings
If your host can offer you a rollback then you’re pretty much out of the woods. For malware removal a rollback is the best solution as it reverts all files to the way they were before the malware was detected. This gives you a second chance then to go and update all plugins and add any extra security as required. But, what if you can’t really go for a rollback as you’ve lots of new content that you don’t want to lose, or perhaps your host doesn’t provide that facility for malware removal? Then, we’ve got to try cleanse each file on a file by file basis, but, thankfully, there is a malware removal plugin that is phenomenal! Read on!
WordPress Malware Removal Plugins
If you have to to remove the malware using plugins the best plugin I’ve found for the job is the Anti-Malware and Brute Force Security by Eli plugin. This plugin is beyond beastly in it’s ability to remove WordPress malware and the plugin author is well on top of things. When the SoakSoak.ru malware was first detected within hours this plugin had been updated to include that threat and is now able to remove that malware completely.
Malware Removal Plugins – It’s ok to be skeptical!
I get it, you’re not convinced that a malware removal plugin (that is free) could cleanse your site. I was in the same boat until I had to use this plugin and the above steps on a few sites. Some sites had received GWT warnings which prompted us to run the tool on a lot of our client sites to keep them healthy. For every site that Google had detected a malware issue with using this plugin and the steps above sorted this issue and the sites have received the green light again from Google. Some sites were flagged by the Sucuri test site and Google hadn’t yet deteced the malware issue. This then allowed us to cleanse those sites before Google even spotted the malware. A retest on the sucuri site then showed that the Malware removal plugin had done the trick beautifully.
WordPress Malware Detection, Plugins & Removal – Preventing Better Than Curing
Like all things it’s a lot better to prevent any malware issues than having to go detect, install plugins and then remove the malware. Each malware threat comes with a few hours of research so that you can get a handle on what you’re dealing with and find a way to fix. To that end, try avoid malware – always!
– Make sure your passwords are all 100% strong by using a tool like the Strong Password Generator.
– Make sure that all your themes, plugins and core WordPress files are always up to date.
– Make sure you have some security plugins in place like iThemes Security.
– Make sure you run regular scans of your machine and any devices connected to it – inadvertently you may the source of a malware attack so important to keep your machine clean and safe.
If you follow the above you’ll reduce the chances of a malware issue on your site and you know what, that’s a good thing!
If you’ve been stung by WordPress malware I hope the above guide will allow you to get it removed and resolved quickly. If you’ve any questions please comment below or if you’d like help on your site then get in touch.
Also, if you’ve read this far I suggest you join my mailing list below and then everyone’s a winner!