Malware on your WordPress site? Here’s how to fix it!

At the beginning of 2012 I was unlucky enough to have quite a few Wordpres sites hacked and infected with Malware. This meant that anyone visiting them was seeing a rather nasty message telling them that my sites shouldn’t be accessed and could infect the users computer. Not nice… not nice at all.

After 2 weeks of trying to sort this out with my hosts, I turned to Twitter for help. And Twitter users were very helpful. Lots of people pointed me to tutorials on how to fix it myself, which would have been great had I understood any of them (my lack of knowledge not bad tutorials I hasten to add!)

What I wanted was someone who could help me, not charge me the earth, and get my sites up and running again.

In came my knight on a white steed, Keiron Skillett from BetterWebSpace – within an hour we’d chatted on Skype, sorted out what the issue was, and he set about fixing it. 3 hours later it was sorted, and within a couple of days the warnings had disappeared. I didn’t have to mortgage my house to fix it, there was no drama, he took over and sorted it, leaving me free to run my business.

Of course, you may not want to pay someone to sort it for you (although I would hazard a guess that the money you’re losing by having a hacked website is much less than Keiron would charge to fix it), in which case, here is a great tutorial on how to fix it yourself.

Once you’re fixed, you’ll want to make sure your WordPress install is secure and hopefully unhackable – Blogmistress Babs Saul has some great posts on this here: Securing WordPress.

It’s a fact of life that there are nasty people out there exploiting every hole they can in your WordPress security, but with the help of Keiron (on Twitter at @Keiron

) and the tips from Babs, you’ll be well on your way to fixing that malware issue and making sure it doesn’t happen again.


Enhanced by Zemanta
Related Posts Plugin for WordPress, Blogger...
About Nikki

Author of many 30 Day Blogging Challenges, Nikki spends her time helping small businesses with Internet Marketing and Social Media Marketing. With 17 years of experience, she hasn't yet found someone she couldn't help to get more business from their website.


  1. Hi Nikki,

    Thanks for the post! I thought I’d share one of the easiest things people can do to say secure!

    Always ensure they are running the latest version of WordPress, your themes and plugins, also uninstall things you aren’t using (they only leave holes that are easily forgotten when doing updates!).

    It’s a good starting point, as Nikki says, there are always people around who will try to exploit WordPress and it’s a case of staying that extra step ahead!


  2. Thanks for the mention, Nikki
    I’ll keep Keiron’s details to hand too! He’s right – keep things updated as the WordPress bods are working on security all the time – they know it’s a target and do all they can to look after us.

    One of the immediate things everyone should do is not use “admin” for an administrator level username. Very easy to set up a new one, one that is not visible/used for posting, ideally – and then drop the admin user to subscriber or remove.

    Off to follow that nice chap on his white steed now… 🙂

  3. Thanks for the help. I felt that my blog was compromised, but after checking with the tutorial, I found everything all right.

Speak Your Mind


CommentLuv badge

Real Time Analytics Google