Call us we can help: 541-961-1889

If your WordPress website has been compromised by malware, it can cause serious damage to your online reputation and business. That’s why Webfoot Marketing and Design offers a professional malware removal service that can help get your website back up and running safely and quickly.

Our team of experienced professionals uses advanced tools and techniques to identify and remove all malware from your website. We take a comprehensive approach to ensure that your website is fully cleaned and secured against future attacks.

We understand that time is of the essence when it comes to malware removal, which is why we work quickly and efficiently to get your website back online. We provide prompt and reliable service.

At Webfoot Marketing and Design, we take website security seriously. In addition to malware removal, we also offer ongoing website maintenance and security services to help prevent future attacks. We can monitor your website for any suspicious activity and provide regular updates and backups to keep your website secure and running smoothly.

Our WordPress malware removal service is competitively priced and designed to meet the unique needs of businesses of all sizes. Don’t let malware damage your online reputation and business. Contact us today to learn more about how we can help remove malware from your WordPress website and keep it secure.

You might also try these tips;

If your WordPress site is hacked – take these steps.

Initial Steps and Diagnosis

Change your passwords

  1. Change the passwords for every WordPress user. You can do this in the “Users” menu via WordPress.
  2. Change both your hosting account password AND your php admin password.

Backup your account. !!!!!!

Cleaning up your site

Identifying and cleaning the infected files is one thing but do you know how your site was compromised in the first place? The usual suspects are weak, easily guessed passwords and compromised plugins. It’s possible the backdoor was installed on your website a while ago which means that just removing the infection you see or restoring to a recent backup isn’t enough.

In my case I didn’t identify the source of the inflection until later, so I took the cautious approach. Here is what I did:

  1. Completely removed the WordPress installation (since just re-installing WordPress doesn’t remove any new files created by the hacker) and installed the latest WordPress version into another, entirely different directory. This caused me some grief down the road with my images as their location changed and I had to re-upload them but saved me from losing sites, and my hardware, altogether.
  2. I created my users by hand, giving them strong passwords.
  3. Instead of just pointing my new WordPress installation to my original database, I exported my database, table by table and imported selected tables. This was probably overkilled, but there is a type of attack called “database injection” so I was being careful to make sure I was covering the worst-case scenario. I did run into an import problem where a column “post_category” was missing in my new wp_posts table. This is because this column is deprecated in more recent versions of WordPress. What I did was delete the table in the new WordPress database and let my script create the older version of the table – ta-dah.
  4. Reinstalled my theme and plugins – which I am still in the process of doing.

Getting off Google’s blacklist

If Google has identified you as an attack site, visitors will see a scary red image warning them away (see picture above). You want that to go away as soon as possible so you will need to ask Google for reconsideration. I did this as soon as I had reinstalled WordPress (step 1 above). If your website is already set up in Google Webmasters Tools just log in and request a malware review. My website had already been flagged by Google so it was pretty obvious how to request a review. The review took about a business day at which point the red attack page stopped appearing. I even got an email from Google warning me about the malware although by then I had already taken action.