Last updated on June 26th, 2022 at 11:41 am
If a malware is found on your WordPress site, your host will most probably limit your site and even your entire account. This seems to be a common security practice in the hosting industry. By limiting your account the hosting provider guarantees the safety of the other sites that are hosted on the same physical server.
Big hosting companies such as Bluehost, InMotion and GoDaddy scan their accounts for threads regularly on a daily basis. But as we know there are new malware and viruses every day. So even if the hosts use the latest anti-malware software for WordPress, sometimes it is hard to detect infections on time.
Hosting companies such as A2 Hosting and WP Engine provide assistance and technical support with malware removal from your infected WordPress sites. In fact, most of the bigger hosting companies will try to help before they offer you a paid malware service. In 99% of the cases with malware and malicious code on WordPress, the webmasters are totally able to resolve the issue by themselves.
This is what you need to do if one of your WordPress sites have been infected by malware
1. Log in to your cPanel, click on File Manager and navigate to the installation folder of the infected site. Usually, the site should be installed in the public_html folder.
2. Now we need to download the files locally on your computer. Once you have all of the files with you, this will let you scan all of the files directly from your computer using your preferred Antivirus software. Click on Select all so that all files and folders are highlighted.
3. Click on Compress in order to include all files in a single archive so that it is easier for you to download on your local computer.
4. Select Zip Archive and wait for the files to be compressed.
5. When the compression is finished, click on the Reload button so that you can see the newly created archive.
6. Find the archive, right-click on it and click on Download.
7. Scan the file locally on your computer.
Once the download completes, right click on the file which was downloaded to your computer and select the Scan option.
During the scan, your antivirus will let you know about the type of malware your site has. Click Delete when it asks you what to do with the infected file. After the scan, you may scan the archive once again in order to make sure that the infected files were removed permanently.
7. Your WordPress files should be clean now. You can go ahead and upload them back to your hosting account. To be sure that there are no more infected files, go back to the installation folder of the site on your hosting account and delete all of the current files in that folder.
8. Click on the Upload button from the menu on top and upload the cleaned archive file .
9. After the upload, right-click on that file and select Extract.
Congrats! You now have a clean WordPress site. If your hosting provider has placed any restrictions on your account, now it’s time to let them know that you uploaded a clean and malware-free version of your site. They will revise your account and if everything is fine, your site will be back online as soon as possible.
