I just finished cleaning a WordPress site for a client that was severely compromised. The site was blocked by Google for distributing malware.
These were the steps I took:
- Create a backup of the root folder, and the database
- Remove unauthorized users - especially those with administrative privileges
- Compare the root WordPress folder with a known good instance, and removed files and foldes that shouldn't be there.
- Install the Anti-Malware WordPress plugin
- Update the definitions
- Run a full scan
- Check the results
- Allow the plugin to fix the issues
- I highly recommend donating the $29!
- Remove all the SPAM posts and comments
- WP Bulk Delete is an extremely useful tool!
- Change the passwords for all the users with administrative access
- Remove unneeded Plugins and Themes
- Update all needed Plugins and Themes
If you don't want to go through the hassle, we are happy to this for you! Reach out to me here.