Imunify360 Blog

360 Malware Cleanup: Safe Way To Remove Malicious Code from Wordpress

Written by Dmitry Tkachuk | Jun 19, 2020 12:17:50 PM

Over a typical 3-month span, the average server has around 1500 kinds of malware injected into its files. Lately, a great many of these injections have been occurring in WordPress installations. What should you do when malicious code is injected into WordPress files? 

You could delete or quarantine the files, but that will break WordPress and take the website down. The same is true for most content management systems. You could restore the files from a backup, but that might rewrite important changes to the files. You could also clean them up manually, but that’s troublesome and time-consuming. 

A much better way to go is to employ Imunify’s automatic malware cleanup capabilities. Malware cleanup removes the infected part of the file, without touching the legitimate code. This keeps web sites up and running, preserves useful file changes, and saves a lot of effort. 

To see the results of Imunify’s automatic malware cleanup, let’s take a look at an example of an infected WordPress file, in this case, index.php

 

The highlighted code at the beginning is a simple backdoor (SMW-INJ-12525-php.bkdr-8) that’s been injected into the file.

Here’s the code of index.php after Imunify’s malware cleanup. It’s 100% identical to the original code of the file in a WordPress installation:

 

 

Imunify360/AV+’s capabilities are much more extensive than shown in the simple example above. It can cut multiple infections from various parts of a file, including highly obfuscated code. And, it does it in a fully automated way. 

To enable automatic malware cleanup in Imunify360, just designate “Cleanup” as the “Default Action”, then specify the period of regular scans. There are instructions for how to do this in our blog post Configure Malware Scanner for maximum speed and efficiency with 3 new settings.

Additionally, check our WordPress Security Ultimate Guide for 2021 to learn more about WordPress Security.

 

Please Share Your Feedback

 

The Imunify product team would like to hear from you. To share your ideas and observations on web-spam protection, please send them to us at feedback@cloudlinux.com.

If you have questions on how to use Imunify360, or you’d like to resolve a support issue, please contact the Imunify360 support team at cloudlinux.zendesk.com. Additionally, read our website hosting security article and learn how to keep your website secure in 2021.

Imunify360 is a comprehensive six-layers web server security with feature management. Antivirus firewall, WAF, PHP, Security Layer, Patch Management, Domain Reputation with easy UI and advanced automation. Try free to make your websites and server secure now.