Steps To Take After Removing WordPress Malware Infection

A few days ago, I wrote about how we got our arms around a malware infection of this site. With the help of, the site was scanned, scrubbed clean of malicious code, and site’s URL was submitted to the various powers-that-be to have Remodel Blog removed from blacklists.

Upon completion of its work, sent an email with a good number of helpful suggestions, such as:

  • Change FTP or SSH password
  • If you use WordPress, change the Administrator password
  • If you are not the only Administrator, make sure other Administrators’ passwords are changed as well
  • If some people with Administrator status no longer use their accounts, remove them from the Admin Panel
  • Run a virus scan on your desktop and laptop machines, and put this task on your calendar as a recurring event, so you will repeat it regularly
  • Update your site and its software. Outdated software is one of the main culprits leading to problems. Remember that this pertains to backups and unused installs as well. Delete these from the server.
  • Start doing back-ups of your site, including the database. The latter was something I had completely overlooked!
  • Check out these very useful articles from, including one about what makes a good password and why. Better yet, sign up with these folks to have your site monitored. And no, we do not receive a referral fee. Remodel Blog is simply a very satisfied customer.

Warning: count(): Parameter must be an array or an object that implements Countable in /home/remodelb/public_html/wp-includes/class-wp-comment-query.php on line 399
No comments yet.

Leave a Reply