Removing Malware from a WordPress installation can sometimes be simple, and sometimes not. Every case is different. Whether the malware goes deep into the WordPress installation, or has ‘dug it’s heels’ into the plugins.
Either way, there are methods we use to clean it, and then a secondary layer to help prevent it ever happening again.
WordPress Malware Removal
Cleaning your site – making it safe
Our WordPress Malware Removal Service has already helped a great many companies to fix their websites. From scanning, cleaning, support with their hosting, and ensuring the malware cannot enter their website again. Visit our WordPress Support page for more information about the overall support we can provide.
Step one: Can it be cleaned...
We use tools that can scan and clean your website for unknown files. These are files that are not part of WordPress, and not part of your plugins. But bear in mind, if you have plugins that are ‘paid for’, these cannot be fix. And will require a rebuild of your website. We can then provide full WordPress Support for your business.
Step 2: Will it require a rebuild?
This depends how deep your WordPress Malware goes – a scan will determine if it is deep, usually by how many issues are found.
If it’s just a few files, they can be replaced or deleted. If it is 100s, then it will require a rebuild.
What we will need to run our checks
- Full website address including login URL
- Admin level login
- That’s it!
What will the WordPress Malware Removal cost?
This depends solely on how deep the malware goes. If it is surface only, then it will be around £100. If it goes much deeper, then we will need to do the following:
- Export all Posts and Pages
- Install tools to export all Products and their images
- Export all Navigation
- Export theme settings (note not all themes have this)
- Setup new hosting to move site.
Malware cleanup/migration stories
These are genuine stories of Malware cleanups, or migrations (where a simple clean wasn’t possible) we have performed recently.
Their names and websites will of course remain anonymous to protect them.
Migration of online store
A client with whom we have worked for many years, had a bad malware infection on multiple websites on their hosting server. We believe it was hit as one site was struck and then others just followed suit.
Sometimes a cleanup can occur, but this was too deep, right into WordPress itself. So they setup a new, clean, WordPress install elsewhere, and it was our task to export every part of their website over. The thing with Malware is it tends to attack the CMS rather than the content itself. It attacks plugins files too.
So we exported all the content of the website, posts, pages, products, categories, images, orders, users and so on.
Then we exported the settings of their theme (which is not foolproof by any means).
On their new hosting, we installed the plugins cleaning from the WordPress Repository, rather than an unsafe migration via FTP (which has been hacked anyway). The theme had to be reinstalled and the licensing code also had to be attained. Thankfully they are usually transferrable.
Within a day, we had migrated everything mentioned above, copied the theme design settings, and made it look identical.
Our client then simply used Cloudflare to point their A Record from the hacked version, to the new location.
Moving Semi Commerce Flooring Website
A client near London had been hacked over the course of a few months, and they finally decided it needed cleaning up, as it was now causing problems on the front end.
Sometimes malware or a hack doesn’t affect the site itself, so the client leaves it. But this had now broken plugins too.
It was a semi commerce website that sells flooring materials, and not just in the UK. So this has to be done properly.
We used a tool to check how deep this went, but it was bad, so we had to export everything. As it was semi-commerce (catalogue only), we had no orders to migrate. Just Posts, Pages, Products and Theme Settings.
We have some tools we use that export images with the Products or Pages. If you do this normally through standard methods, it misses all images. So we were able to migrate it all, and let the server take on the hard work of ‘drawing in’ the images from the damaged hosting.
This was completed in less than a day. And the site now looks exactly as it should.
Cleanup/Migration of Estate Agent Website
An Estate Agency website got in contact with a client of ours about their hacked website. It had been hit with malware across the system. We ran some checks, but it wasn’t one we could just ‘clean’. Frankly, it rarely is. It usually requires a rebuild if no date is understood to be when the hack occurred. Else a ‘rollback’ can sometimes fix it.
Thankfully the client of ours was able to set a clean WordPress install, so we just had the job of moving everything over, installing the theme and plugins fresh, setting everything up, and using our tools to import every item. This included Posts, Pages, Property Listings, Menu Items and more.
There were other parts of this system that needed looking into as it was a rather unorthodox platform, but it was all resolved in less than a day.