Best way to clean up Wordpress site with malware

Wordpress site cleanup.  Site URL shows as Hacked on Google search.

What is the best system, service or potential plugin to clean up a wordpress site that has been infected with malware?
LVL 2
axessJoshAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Matt CyncarCommented:
Unfortunately once a site has been compromised, it can be difficult to find all the injected code. We use cPanel for our WordPress sites and backup/restore has worked flawlessly. Nothing replaces a good backup/restore process and it's much easier to restore a known working site than trying to fix a broken one. Do you have backups of the site?
axessJoshAuthor Commented:
I'll have to check.  I'm helping a friend with his site.  

If there are no backups, are there any tools that can help?
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
I've recovered many 100s of WordPress sites over the years.

Fastest recovery took a few minutes. Longest recover took roughly 50 hours, spread across many weeks, as reinfections occurred + new exploits were then discovered + removed.

Based on your question, I'd suggest you hire someone to do this for you.

First step is usually to change hosting. Here's why...

Recently a client asked me to give him a ballpark overview of reasons for sites being hacked.

I went back over WordPress site cleanses I'd done over the past few months, then I went back over several years.

I found <10% of site hacks occurred through WordPress + the rest (majority) of hacks were due to OS based problems, like a hosting company running some insanely old version of PHP or FTP (rather than SFTP) or non-SSL logins.

So first step to cleansing a site is always move to hosting running all latest stable LAMP code - Linux/Apache/MariaDB/PHP + latest OpenSSL + no plain text logins (so SFTP + all site logins are SSL wrapped).
Terry WoodsIT GuruCommented:
If you want a semi-affordable paid service, I recommend wordfence.com (will cost $200 ish)

I agree that restoring from backup is a good option. Ensure that all the files are erased first, and before you allow the site to be live to the web again it's a good idea to ensure all plugins and themes, and WordPress core, are up to date. Change all passwords for important user accounts (admin ones especially) and the hosting account and FTP accounts too.

I recommend installing Wordfence to help prevent brute force attacks, and if you activate the firewall it can block some vulnerability exploit attempts too.

WordPress sites need to be kept up to date; it only takes days (or perhaps hours) after a vulnerability is announced before it is widely exploited. This might be a professional WordPress site management service is a good option, if you don't want to try to do it yourself.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Google

From novice to tech pro — start learning today.