If you manage a website made with WordPress, possibly you have fallen into the error of thinking that the security of it already comes by default with the CMS, something that obviously is not so since, in fact, WordPress without your making a configuration in this regard, is not insecure but safe either, so maybe right now you find yourself in a situation where maybe you have malicious code in your CMS that may be affecting your business, both visitors and SEO and you’re wondering how can I remove viruses from WordPress? but don’t worry, we are going to see in this post how to remove malware from WordPress.
How to know if my WordPress has viruses
This is the first thing, before spending resources of your hosting, VPS or dedicated server to do a deep scan of the files of the web application, it is important to know if you are really infected, although a minimum scan per month does not hurt anyone, you should not overdo it, so to know if you have some symptoms of malware infection is good to know, these symptoms in the vast majority of cases are.
- The website pages take a long time to load (it may also be due to multiple incidents that have nothing to do with malicious code).
- There are redirects to external websites during navigation.
- Content is created that you did not create, see from pages, articles, projects, among others.
- Users registered in the CMS receive spam emails.
- If you have any of these symptoms or if you just want to check if there is malware on your website (in moderation you know) let’s get down to business.
How to remove viruses from WordPress
To remove malware from WordPress there are many plugins, understand that, unlike antivirus software, WordPress security plugins do not have heuristics and only scan from a database of signatures, so the effectiveness of the scan will depend on 100% of the number of signatures (not false positives) with which the security plugin has, in this case, from Coldd Security we recommend the plugin Anti-Malware Security and Brute-Force Firewall.
How to install Anti-Malware Security and Brute-Force Firewall
This plugin allows you to perform scans by checking your WordPress files with an extensive and reliable signature database, and it also works as an active security plugin (although it is really best to use it only for one-off scans and then uninstall).
To use it, you first install it on your WordPress.
Then, when you have it installed, go to its settings and click on “Explorer Settings” and then you will have this panel.
How to update the signature database
Here you must register with them in order to download the new definitions (update the signature database).
When you register you will be taken to the project website, after which you can update the signature databases.
How to scan WordPress for viruses
When you have it, click on “Run Full Scan” and it will start running, keep in mind that this will consume much of the hardware resources (physical or virtual) where the service that supports your website is running, so if you notice that your website is slow, it is clear that this is because of this or the Matrix is bugged.
At the end, it will tell you if you have malware or not, in our example case there is no malware because the owners of that website saw all the free cybersecurity courses from Coldd Security.
Now you know how to detect viruses in WordPress, remember that it is not about waiting to be infected to act, it is much better to take measures to avoid having to get to this, so be aware and increase your security.