How to Fix WordPress Malware Infection

WordPress is wonderful. It’s free and open source. However, without proper maintenance and hardened securities on the web server, it’s possible that WordPress websites and blogs get compromised. And this comes with a price.

As you’re reading this post, you may be looking for solutions or plugins to clean and fix WP-VCD malware.

The WP-VCD malware infected sites will look normal. Its injected scripted will add some new content to your site without your knowledge. On the Dashboard, the Administrator will find some limited accesses like adding new plugins or add new posts.

How to fix WP-VCD malware:

  • First thing first, to be able to have a full access to the functionalities on your Dashboard, you should replace a clean ‘Functions.php’ file.
  • Check the Users tab. Who has the Admin access? It’s advisable to lock down existing users for the time being as you’re going through the process of cleaning up the malware.
  • Install security plugins like iThemes Security and Wordfence.
  • Search for files with php extension in your Upload folders.
  • There are some PHP files you have to clean: Functions.php and a weird PHP file (name could be: 123x.php).
  • You should first look at your WordPress database. In this scenario, your WordPress may have been hacked. And as you may be limited to install WordFence, you should check the Table: wp_usermeta. Who’s logged in from which IP? Remove it and block it immediately.

Top Best WordPress Plugins

Good to Know

You have to be very pro-active when your site is under attack. As you’re working to clean your WordPress blog from infected malicious codes, you have to make you patch the security holes.

Additional Resources: