How to Get Rid of Malware on Your WordPress Website

A website can make or break people’s perspective of whether or not you’re credible. When someone is legit, not only do they have a website but it’s one that is functional and findable. When you have that going for you, you can win their attention.

But what do you do if Google isn’t playing nice? What if you think you have Google Analytics and Webmaster Tools working for you but in reality, they’re not?

In today’s post, I’m going to not only share with you how I was able to fix my standing with Google search results, but also help you hopefully prevent future hacks.

 

My Introduction to Malware (the Hard Way)

So, here’s the deal. The New Inceptions site has been around since 2010. And for a long time, while I wanted to follow in the footsteps of the people I was learning from, for one reason or another, I wasn’t able to fully commit.

I’d write a post here or there – but never really had the time to actually put time into it.

And many times, what isn’t a habit, simply gets ignored.

Well, that’s what happened to the site. I wasn’t using it and because I wasn’t, the WordPress install files (including themes and plugins) all fell behind in updates.

The problem is that many of these updates are for security. And, truth is, if you fall behind, you’re leaving yourself prone to attack.

I didn’t know that at the time – and that’s when someone decided to upload malware on my site.

The way I found out was that I simply tried to hop on one time and I was given this warning instead of my site:

Needless to say, I started to panic a bit.

Well after a few days of trying to figure the thing out, I basically decided that I was going to have to dump my site and start over.

And so I did.

 

But apparently, even after doing that, I hadn’t gotten rid of the problem.

 

I’d find out shortly after I relaunched New Inceptions in 2015, that I still hadn’t figured it out. But my solution at the time seemed to fix the problem…

 

2016 – A Chance of Intermittent Head Scratchers

So, there I am, moving along in 2016 with the AoL podcast and my regular scheduled blog posts.

 

I was about a year in and I was realizing I still hadn’t really gained much new traffic. Part of that, I figured, was simply because I didn’t know what I was doing with SEO. So I started following some advice that I was picking up from Bryan Harris and Brian Dean about how to structure posts so that they attract more people AND start ranking for SEO organically.

 

In the end, none of it seemed to work. I was still getting all this traffic from Indonesia and other asian countries – but not much from the US.

 

So weird. But my host couldn’t tell me why, nor could anyone in Google.

 

So I kept plugging away believing that like anything in life, success comes with time.

2017 – A New Host

Skip ahead to a few weeks ago – Houston got hit by Hurricane Harvey. As a result, Hostgator had all kinds of issues. From what I can gather, their primary server farm for the US is/was based there as well as their North American support staff.

 

Well, New Inceptions, along with my clients websites, were having all kinds of reliability problems.

 

So I decided that we’d have to move to another host. And luckily, Jake at America Multi-Sport had already tested another host for our Viking Trail Run series.

 

He was having good success with it (wasn’t slow, didn’t limit bandwidth, etc.) and I soon realized that I was going to move my account as well as client accounts over to the new host.

 

It was around this time that I had chosen to simply google NI and the result that I got simply blew me away:

What in the world?!?

 

So I had the folks who were migrating NI to the new host could check for malware.

Unfortunately – they didn’t find any.

For about 3 weeks, I was left in this state as I couldn’t get ahold of anyone at Google that could help.

And during this time Google thinks my site is Japanese.

Wonderful.

 

The “Current” Solution

So, recently, I’ve been networking with different leaders of various groups using Arne’s FB Growth Course, I ran across one group called Blogging for Entrepreneurs hosted by Tori Reid.

Well, I posted the above image and asked if anyone might have ideas in how to fix it.

The response that got me going in the right direction: “Check your plugins to see if any of them haven’t been updated in awhile.”

That made me go back into my WordPress Dashboard and check out what hasn’t been updated for 6 months or more. I got rid of all of those that fit the criteria.

That didn’t do it.

But as soon as I did trash my last plugin, I get a notice from Wordfence saying that I might have some bad files in my installation of WordPress.

So I get over to see what it’s talking about…

AND THERE WAS STILL MALWARE!

Not only was this malware red flagged but it apparently it was installed from 2010 and 2011 – exactly when I first started having problems!

I couldn’t press the delete button quick enough! Lol.

After which, I update my Yoast SEO sitemap (an XML file you upload) on Google Webmaster Tools – and later that day, my the result looked like this:

Hey, it’s not Japanese anymore!!

 

Final Result

As time has gone on since implementing this fix, my results have started to look better and better.

 

Today, I ended up with this as my results for NI:

I think it might be finally fixed!

 

Action Steps

Alright – so guys, I hope you learned a couple of things in this one. First, don’t give up on problems you might not have the solution for right now. Just know that eventually it’ll work itself out.

Secondly, if you have WordPress installed – GET WORDFENCE for your site. Not only did it see these malware files, but it’s also limited tons of people from getting in and causing more mischief – including banning their IPs!!

Have any recent successes yourself with something you’ve been struggling with for awhile? Let me know. I’d love to hear about your win!!