5 things to do if your WordPress becomes a spam distributor

WordPress is a popular CMS around the world, so a WordPress site may be tampered with or used as a stepping stone for sending spam.
There are various causes, such as not updating WordPress, not updating plug-ins, and weak passwords. This article briefly introduces countermeasures for when a site has become a stepping stone for spam.


Check for malware infection

If the WordPress code is tampered with by a hacker and malware is embedded in it, your site can be abused through remote operations such as sending spam, redirecting to other sites, and embedding banners.

You can check for malware infection with Sucuri SiteCheck.

Enter the URL of the site you want to check and click “Scan Website”.

The check result will then be displayed.

Alternatively, you can use a malware scan plug-in:
WordPress Doctor Malware Scan & Security Plug-in

Make a backup of the site

If your site is infected, first back up both WordPress files and the database.
A backup of all the site files can be downloaded with FTP software, and a backup of the database can be taken with phpMyAdmin.

Clean installation of WordPress and plug-ins

Download WordPress itself from the official website and replace everything except the wp-content folder on the infected site.

Also, download all of the plug-ins installed on the site again and put them in the wp-content/plugins folder.

Scan the theme and upload folders for tampering

Now the only folders that may be infected are the theme folder and the upload folder.

First, check whether the theme has been tampered with. The most reliable way to detect this is to download the current theme again and compare it with the theme files on the infected site.


In addition, visually check everything in the upload folder except images and PDF files, and delete any strange files.
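
The two checks above can be scripted against the backup copy. The following is an added example, not code from the original article: it compares a freshly downloaded theme with the site's copy by SHA-256 and lists upload files that are neither images nor PDFs. The function names, the script name and the extension list are assumptions.

```python
import hashlib
import sys
from pathlib import Path

# Extensions treated as expected in the upload folder (images and PDF).
# The exact list is an assumption; adjust it to what the site really uploads.
EXPECTED_UPLOAD_EXT = {".jpg", ".jpeg", ".png", ".gif", ".webp", ".pdf"}


def hash_tree(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in root.rglob("*")
        if p.is_file()
    }


def diff_theme(clean_dir, site_dir):
    """Compare a freshly downloaded theme with the copy taken from the site."""
    clean, site = hash_tree(clean_dir), hash_tree(site_dir)
    return {
        "modified": sorted(f for f in clean.keys() & site.keys() if clean[f] != site[f]),
        "added": sorted(site.keys() - clean.keys()),    # exists only in the site copy
        "missing": sorted(clean.keys() - site.keys()),  # deleted from the site copy
    }


def unexpected_uploads(uploads_dir):
    """List upload files whose extension is not an expected image or PDF type."""
    root = Path(uploads_dir)
    return sorted(
        p.relative_to(root).as_posix()
        for p in root.rglob("*")
        if p.is_file() and p.suffix.lower() not in EXPECTED_UPLOAD_EXT
    )


if __name__ == "__main__":
    if len(sys.argv) != 4:
        sys.exit("usage: check_site.py CLEAN_THEME_DIR SITE_THEME_DIR UPLOADS_DIR")
    clean_theme, site_theme, uploads = sys.argv[1:4]
    for kind, files in diff_theme(clean_theme, site_theme).items():
        for name in files:
            print(f"theme {kind}: {name}")
    for name in unexpected_uploads(uploads):
        print(f"upload to review: {name}")
```

An expected extension does not prove that a file really is an image or a PDF; the list only narrows down what still has to be inspected by hand.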

Upload to server again

Finally, upload the cleaned WordPress to the server again.