Home Website TutorialsWordPress How to fix when a WordPress website is infected with malicious code

How to fix when a WordPress website is infected with malicious code

by Thạch Phạm

Currently, WordPress websites are infected with malicious code/malware due to using themes, plugins of unknown origin, themes, paid plugins that are shared for free and you are given malicious code. Or setting a simple, easy-to-guess password is a very common occurrence.

So when your website is hacked or infected with malicious code, what do you need to do? Let’s follow along.

The reason why infected with malicious code

  • In the process of uploading data, if the data on your personal computer is infected with a virus when uploading, it will bring a virus.
  • Administrative information or password are set at a simple level, not difficult enough, very easy for hackers to exploit.
    • For example, admin, admin123456, 12345678, 12345678a
  • Don’t update WordPress versions, plugins and themes to new versions (old versions have many vulnerabilities)
  • Using the free theme and plugin is very likely to be infected with a virus compared to the paid version.
  • Using paid themes and plugins but shared for free also makes website very easy to install malicious code.
  • Non-compliance with standards, security rules of website/hosting usage.
  • Do not regularly scan websites with tools and plugins to scan for malicious code.
  • Website operating on the internet, there will be risks every day, every hour because there will be hackers, auto bots find vulnerabilities to exploit and insert malicious codes, so the website needs to be checked for updates and regular maintenance.

What to do when the website is hacked/infected with malicious code?

When a website is hacked/inserted malicious code, you often find malware scanning tools. I would like to introduce a plugin with the function of scanning malicious code, this plugin has 2 paid and free versions.

I do not guarantee it will be 100% removed, but it may be a good solution for you. You need to do it manually to filter.

Steps to deal with malicious code

Step 1: Install the malware-scanning plugin

You install this plugin and perform the scan, click Start New Scan (the scan time is fast or slow depending on your source code).

 Simple malware handling with plugin

After the scan is complete, you will see the plugin shows very detailed files. As shown below, you can see the files in wp-content/theme are very infected.

 Simple malware handling with plugin

Step 2: Identify folders, files and malicious code

 Simple malware handling with plugin

You click on those files, the plugin will show the next paragraphs that are malicious, you copy this code and go to the source to find the exact file.

Step 3: Filter and delete malicious codes/files in the source code

Open the file, if you will see strange codes, not in the structure of the theme, you delete it.

If the file only has 1 paragraph inserted, press Ctrl + F and paste the code I circled in red to search to find that exact code and delete it.

 Simple malware handling with plugin

Here is a source code I have supported a client scan.

 Simple malware handling with plugin

If the scanned plugin displays the entire file, eg file system_m.php is not in the source code, the theme => you can DELETE that strange file.

 Simple malware handling with plugin

It will take quite a while to process this.

 Simple malware handling with plugin
 Simple malware handling with plugin
 Simple malware handling with plugin

After the deletion is complete, you can scan again.

 Simple malware handling with plugin

Step 4: Update the full version of the WordPress source code

After removing the malicious code in the steps above, you need to make sure that your website is using the latest version of WordPress and that all plugins and themes in your website are also fully updated.

With unused themes and plugins, you should remove them from your website immediately to avoid being exploited.

Above are the steps you should take when your website is infected with malicious code. In addition to the above methods, there is another more radical way to remove malicious code, which is to reinstall the website but keep the data intact, you can refer to here.

Đánh giá

Bài viết cùng chuyên mục

AZDIGI – Không chỉ là đơn vị hàng đầu trong lĩnh vực Web Hosting và Máy chủ, chúng tôi mong muốn mang lại những kiến thức bổ ích nhất và luôn cập nhật thường xuyên cho cộng đồng người đam mê thiết kế website, công nghệ,…

Vui lòng không sao chép nội dung nếu chưa xin phép. Designed and Developed by PenciDesign