Day in day out you sit down at your computer and write code. You’ve been doing this for some time now, and guess what? You’re pretty good at it. But no amount of preparation can prepare you for a malware attack. If it hasn’t happened to you yet it’s probably only a matter of time.
Malware can come in many shapes and forms however generally results in some form of code manipulation. You view page source in your browser and hey… that doesn’t look right… I didn’t put that there. Usually in the form of javascript it can add unwanted content, redirect you to another site, or even collect session and cookie information from your users. Whatever it is its bad and we want it off our site as quick as possible.
Here at NetGain we like to use WordPress and these are the steps we follow when this happens.
1) Take your site down!
Malware is bad enough but it’s even worse once google finds out. The last thing you want is your rankings to be affected by this virus. Put your site in maintenance mode with htaccess to avoid google viewing a broken site and then remove every file off your server. Now this is much easier when you have a backup of your site.
2) Upload a fresh copy of wordpress
Go to wordpress.org and download a brand new copy of WordPress. Malware jumps from file to file so going through every file checking for injected code can take quite some time.
3) Re upload your theme
Before doing this it’s best to check through your theme and make sure there are no unwanted snippets of code.
4) Upload your uploads folder
Similar to above go through you’re uploads folder and check for any unwanted files. If you see a .php file you should most likely delete it unless you know exactly what it is. This folder should not contain anything other than images, videos, documents, and audio.
5) Update everything!
Make sure WordPress and all of your plugins are up to date. Older versions of any software are vulnerable to these types of attacks.