If you found this guide, chances are you’ve already encountered problems on your site.
One of the most common problems is the appearance of redirects to third-party sites, when instead of your site you get to a site that is completely unknown to you, with some kind of advertising or other nonsense. Either you can’t enter the admin panel of your site, and instead of the login page you see either an empty page, or when you enter your login and password, it’s not the login that works, but again a redirect to a third-party site.
Either your site has become slow, or you received a spam warning from your host.
The first thing to do is to check the site using the Google and Yandex search engines.
Google safe browsing and Yandex site status check.
2. Dr.WEB antivirus, simple link checking.
3. PCrisk online check for Malware.
4. Sucuri online check for malware, viruses, blacklists and more.
5. Quttera online check for Malware.
6. UrlScan online site check.
7. Malcure a simple but rather lengthy site check.
1. Wordfence эthat plugin scans the site for viruses perfectly and has a good firewall. In this case, you can see in the report which file was infected and try to cure or delete it.
2. WP-Optimize this plugin is useful for optimizing the site as a whole, and it will be especially useful to use it after cleaning the site of viruses in order to remove all remaining garbage from the site.
Go to the file manager and check the index.php file in the root of the site. If there are extra pieces of code in it, remove them.
Check the permissions on files and folders, set the correct ones if they have been changed. (folders – 750, files – 640. Except wp-config.php file)
Delete all strange files (only if you understand what should be there and what should not be).
Check the uploads folder and remove all .php files from it. There should never be .php files in the uploads folder!
Through SSH to /wp-content/uploads/ run the command: find . -name “*.php”
Check for eval(), base64_decode(), gzinflate(), str_rot13() functions
via SSH with the find command. -type f -name ‘*.php’ | xargs egrep -i “(mail|fsockopen|pfsockopen|stream\_socket\_client|exec|system|passthru|eval|base64_decode) *(”
Check for backdoored images with find wp-content/uploads -type f -iname ‘*.jpg’ | xargs grep -i php and find . -type f -name ‘*.php’ | grep -i ‘<iframe’
Check the database.
Log into the SQL database via phpMyAdmin and check if there are any extra users.
Virusdie a high-quality and powerful tool for detecting problems and treating the site. To check the site, you need to install it in the root of the site (you will need access to hosting). Limitations in the free version – the ability to check the site only once a month.