I. Data backup
Before I start working, first I make a copy of the website.
II. Updating WordPress and add-ons
I always update the system and add-ons to the latest version. Bugs and security holes are always regularly fixed and updated by the authors.
III. Virus elimination
I scan the website with an antivirus program. Then I download the website on a computer with FTP FileZilla client (filezilla-project.org) and search for infected elements in the code using Netbeans (netbeans.org). A virus adds encrypted data to the php files, triggered with eval, base64_decode and @include commands or to the other files <?php command. Often they can be found in the first line, with a number of spaces, so that the code is not visible when editing.
More information on CMS WordPress security can be found in the article Optimization and security / CMS WordPress:
- Wordfence Security, protection against basic attacks and viruses,
- Loginizer, login / brute force protection,
- PHP security,
- .htaccess security, blocking author search, 5G BLACKLIST/FIREWALL,
- Akismet, protection against spam.
V. Analyzing a virus
I look through system logs, identify the cause of the infection and secure the website against future attacks.
VI. Notifying Google search engine about virus elimination
I add the website to the Google Search Console. In the Security Issues tab, I notify about eliminating the virus and securing the website.
When the work is done, the website is constantly monitored. New and modified files, containing malicious code, are detected to prevent a virus attack.