Hack protection, wordpress virus cleaning

Your website was hacked or virus dropped? No need to panic, you're in the right place. From here hack protection and wordpress virus cleaning you will learn the methods.

As any technology develops, there will inevitably be people who want to abuse it. Today, most companies have to deliver their services to their customers websiteuses That is why there are people with bad intentions websiteprefer to perform their deeds over the s.

Why does a website get a virus?

Website hack The process of making (virus falling) between the source codes of the site using any gaps available on the site malicious codeis the process of adding Individuals acting for this purpose directly or different botsThey can do this by using They are yours this way website they can steal confidential information from your database or make money simply by redirecting your site to their ads. Some people hack your website's index page for various fundamental reasons, without doing any of these.

Is WordPress more dangerous or a normal script?

WordPress large used in common web 40% CMS systemdir. Of course, it's so big CMS system It is safer than a script written by 2-3 people. However WordPressWe are often the ones who make it dangerous. Most of the themes and plugins used in this CMS system are provided for a fee. Many web programmer Downloads and uses the "nulled" version of the paid themes and attachments from the Internet. If you get a product for free, you definitely give something in return without feeling it. Presenting them “Nulled” websites Introduces you to malicious viruses integrated into pre-codes. When you install them on your wordpress system, you make the wordpress, which is safe, dangerous.

Such viruses are often not activated in the first place. After the site has been active for some time, it appears in various popups, redirects or other images in the login.

How do I clean my WordPress site from viruses?

You need to set the type of virus or malware

The first step is to determine how a virus has spread to your website. For this, providing a comprehensive analysis in a few seconds Sucuri I recommend you to use the system.

In your search results red if a screen appears websiteYou have any malicious code. But sometimes SUCURI the system may not detect such a virus. If you get unwanted popups on your site or your site redirects to another link, then there is a virus.

In this case, if your site has a backup of the latest version before the virus appears, restore it. This will give you a second chance to find malicious code by looking at the site code before the virus spread. If a backup option is not available Cpanel or FTP over to the main folder of your website .htaccess Paste the code I gave below at the top of the file.

Note: This code only works on hosts where Apache and mod_headers are open.

Header set X-XSS-Protection "1; mode = block" Header always append X-Frame-Options SAMEORIGIN Header set X-Content-Type-Options nosniff

.htaccess By adding this to the file, you are preventing codes that run on your site from outside intrusion.

Note: Sometimes, according to your hosting provider's laws, you may not have direct permission to edit the .htaccess file. In this case, contact your hosting provider.

The main known virus types

Iframe viruses: Iframe viruses are the common name given to viruses that affect the pages on your website. This malware-type virus acts by attaching itself to HTML code. This virus can be downloaded as a Trojan to the computers of users who visit your site. In addition, because these codes are on your website Google blacklists you and does not show you in searches.

Pishing and spam: It is a type of virus that seeks and steals confidential information, such as credit card information, by redirecting users to your website to another address or a secret section within your site. In this case, the stolen credit card is yours websiteIf he trusts you, he may not understand it for a long time.

Database access: This is mostly as mentioned above “Nulled” theme or occurs during the use of the compound. Malicious codes added in this way to your site backdoor opens. Through this backdoor, the person who wrote the virus can easily access the database of your site and perform any operation here.

How do I clean the virus?

After giving brief information about each type of virus, let's move on to the main topic. First, go to the main wordpress website and reload the clean wordpress files. Also one of your website files .zip Squeeze and download to your computer. Which belongs to your website .zip Extract the file. Inside wp-content folder and wp-config.php delete everything except files. The next one you downloaded is clean wordpress.zip open archive files (wp-content excluding the folder) to the folder of your site. This way, you get rid of viruses directly from the wp-content folder and other parts of the wp-config.php file.

Note: If your wordpress files are very large and your internet does not allow you to download your site in full, you can also perform the process directly via FTP.

wp-config.php If you see suspicious codes when you look at your file, it is also clean wp-config-sample.php You can reconfigure the database data by changing it with. Rename the file after making the change wp-config.php Remember to do.

After that, the final files .zip and transfer to your hosting (if you do not work directly with FTP). Then go to the wordpress admin panel and add a new attachment from the attachments section Wordfence install the attachment. After installing the attachment, go to the Scan section and search with the High Sensitive parameter. After a short search we found this plugin not checked on your website wp-content will show you a list of all infected files available in the folder. FTP You need to delete the malicious code by going to these files.

Note: Be careful when deleting codes and do not touch the system codes. Otherwise, your website may not open.

Change your passwords

As a result of a virus on your website, your passwords may have fallen into the wrong hands. Therefore FTP, MySQL, Cpanel and WordPress By changing your admin panel passwords and assign a password that is not easy.

After all this process, if your website is working, take a quick backup and keep it. Hosting companyAsk your server to scan the rest of the secret backdoor-s may appear.

Google on websiteIf you are marked as harmful, request a reassessment. Google will continue to show malicious code on your site in searches.

In this article, I have tried to help a little bit about hacking a website that has happened to many website owners lately. This is the first time in my blog that I have such an in-depth introduction to a technical topic. I always wrote in a way that all readers could understand, but I felt the need for it.