Yesterday my website was hacked, I don’t whether it is hacked or not but Google chrome browser was showing Malware problem because I believe someone or bot has injected a code into all of my major websites and all of them was showing Malware problem.
It was really frustrated and anger, cause I have faced many times that hackers inject their code into WordPress codes and I don’t know how they do it but we need to be always careful about our website specially with WordPress platform.
I know you are frustrated and anger about your WordPress website showing Malware problem recently but this is only showing in Google Chrome browser but it will effect your seo ranking as well cause Google will show a warning sign above your SERP’S.
The exact thing happen with me and may be like me you went straight to your hosting provider to help you. But hosting provider does not know anything about it cause there a code injected into WordPress php file not in WordPress theme and it is really time consuming for the hosting provider to look in each and every page, some hosting provider will do and some will not.
So I thought why not share this step by step method to the world, below are the steps what you need to follow to get recover from this Malware problem and I have also mentioned some information how to protect it for future as well.
Step 1: This what you will see when Malware got inside in your site.
No need to panic or become crazy like breaking the monitor. I know it happens when a new comer starts online business and builds his first website, when the website shows like this Malware problem than the devils talks behind his mind that this does not works. It always happens in this online business, we just to be careful.
Step 2: You need a FTP software, what I use is Filezilla, used many FTP software but Filezilla is good one. Already have it than it is great and probably I can assume that you know how to connect to web server.
Connect to your website by FTP software and move to next step
Step 3: Got inside “public_html” or “www” root folder
Inside the public_html or www root folder you will find “index.php” and “wp-admin” folder, inside wp-admin folder you will find again one more “index.php” file
Download the file index.php only from public_html and wp-admin folder. As show in the image.
Step 4: Open the file “index.php” in a notepad or textpad or any html editor where we can see the “index.php” file and their code inside.
Inside the file you will find lots of codes and programming stuffs don’t worry anything about it and always remember to back up your “index.php” in case any happens if it does not work.
Just remove the below code from the top, it is just on the top of the codes, the first script code which is basically used for Google analytics, nothing to worry about just remove it or delete it.
<script type=”text/javascript”>// <![CDATA[
var _gaq = _gaq || [];
_gaq.push([‘_setAccount’, ‘UA-XXXXX-X’]);
_gaq.push([‘_trackPageview’]);(function() {
var ga = document.createElement(‘script’); ga.type = ‘text/javascript’; ga.async = true;
ga.src = (‘https:’ == document.location.protocol ? ‘https://ssl’ : ‘http://www’) + ‘.google–analytics.com/ga.js’;
var s = document.getElementsByTagName(‘script’)[0]; s.parentNode.insertBefore(ga, s);
})();
// ]]></script>
As show in the image for both index.php file in public_html folder or wp-admin folder
public_html-index.php
wp-admin->index.php
Just remove the Malware code from the files and than save it as “php” file not “html” or “txt” file..
Step 5: Now upload the “index.php” file in the same folder receptively by FTP software from where you have downloaded it, public_html folder and wp-admin folder “index.php”, make sure you have removed the Malware code from the file before uploading into web server.
That’s it once you upload the files to particulars folders and when you go back to your website by Google Chrome Browser than no more Malware problems at all. Make sure you clear your cache and cookie by using the short-cut key Ctrl+Shift+Del, select all of them and delete it. Now your main website and WordPress dashboard are save from Malware dirty thing
Can you imagine now, one simple code here and there can destroy your website any time at any moment so be careful all the time, don’t install many plugins or theme which are not important for you.
I hope this steps really helps you, if not just comment below and I will go through it and try my best to solve as you know I am not a coder or web developer :), just want to help as much as I can.
Protection for future is always backup your WordPress both the files and database, every week or even every day if possible if something happens with your website than there is always backup ready. One good plugin I can suggest is backupbuddy, it is very good one.
As soon as your problem is solved than change your Cpanel, WordPress and Domain email address login details, put a strong password with numbers and capital letters so it will be hard to enter in your web server even with bots.