Cara Menghapus Malware Dari Situs WordPress Anda

Cara Menghapus Malware Dari Situs WordPress Anda

Cara Menghapus Malware Dari Situs WordPress Anda.

 Cara Menghapus Malware Dari Situs WordPress Anda



WordPress adalah salah satu sistem manajemen situs web paling populer yang digunakan di seluruh dunia. Menurut W3Techs, ini mendukung 34% dari semua situs web di Internet. Popularitas WordPress sebagian karena banyaknya plugin dan template yang tersedia yang memungkinkan hampir semua hal dilakukan di situs web.


Berbagai fungsi itu datang dengan kerentanan juga. Peretas sering kali dapat mengakses kode dan menginfeksi situs WordPress dengan malware sama seperti mereka menanam malware di router.

Daftar isi


Malware dapat menginfeksi dan menghancurkan situs Anda, jadi penting untuk bertindak cepat untuk menghapus malware dari situs WordPress Anda.


Hubungi Host Web Anda Terlebih Dahulu


Sebelum mencoba salah satu saran di bawah ini, hubungi perusahaan hosting Anda terlebih dahulu. Ada kemungkinan bahwa server host, terutama jika Anda berada di server bersama, menyebarkan kode berbahaya dari situs lain ke situs Anda.


Minta mereka untuk memindai server mereka untuk memastikan itu bukan pelakunya sebelum mencoba menghapus malware dari situs Anda sendiri. Selain itu, mereka dapat memberikan saran kepada pemilik situs web yang kurang teknis tentang cara memindai dan menghapus malware dengan aman dari situs mereka.


Beberapa host mungkin juga menawarkan layanan di mana mereka akan menghapusnya untuk Anda. Dan kemudian buat cadangan situs Anda, mengurangi risiko membawa malware ke cadangan Anda.


Host web memiliki keahlian, alat, dan opsi untuk menangani malware, jadi tanyakan kepada mereka terlebih dahulu sebelum mencoba melakukannya sendiri.


Lakukan Tindakan Pencegahan


Itu selalu lebih baik untuk mencoba mencegah ancaman sebelum terjadi. Tindakan paling penting yang harus dilakukan pengguna adalah memastikan mereka selalu menjalankan WordPress versi terbaru dan paling stabil, meskipun mereka hanya menginstal versi uji coba di komputer mereka.


Versi yang lebih baru biasanya dirilis untuk memperbaiki kerentanan umum yang ditemukan di versi sebelumnya. Hal yang sama berlaku untuk plugin dan tema. Tetap perbarui dan hapus yang tidak Anda gunakan.


Beberapa dari banyak masalah negatif yang dapat disebabkan oleh malware di situs WordPress meliputi:

  * Web dan MySQL meningkatkan konsumsi sumber daya server.

* Iklan yang tidak diinginkan.

  * Surat spam dikirim dalam jumlah besar.

  * Pencurian data pribadi pelanggan dan pengguna.

  * Hilangnya informasi dari situs Anda.

  * Penalti Google.


Apa yang dapat Anda lakukan jika situs web Anda terinfeksi atau diretas? Pada artikel ini, kami akan menguraikan langkah-langkah yang dapat Anda ambil untuk menghapus malware dari situs WordPress.


Gunakan Plugin Penghapus Malware WordPress


Jika Anda dapat masuk dan mengakses area admin WP Anda, Anda mungkin tidak perlu memuat ulang seluruh situs Anda. Menggunakan plugin WordPress yang sesuai dapat membantu menghapus malware dari situs WordPress Anda.


Keamanan MalCare


MalCare adalah plugin premium yang akan langsung menghapus malware dari instalasi WP Anda. Tidak hanya akan membersihkan situs yang diretas, tetapi juga akan melindungi dari pelanggaran keamanan di masa mendatang.


Salah satu dari banyak manfaat MalCare adalah memindai situs Anda di servernya sendiri. Situs web Anda tidak akan mengalami beban apa pun pada sumber dayanya dan akan terus berjalan dengan lancar.


Ada empat tingkat harga mulai dari $99/tahun untuk satu situs (Pribadi) hingga paket Custom Agency Plus untuk lebih dari 20 situs.


Malcare adalah plugin keamanan WP komprehensif yang mencakup banyak fitur tambahan seperti:

  * Peringatan email waktu nyata.

  * Melacak perubahan file kecil.

  * Meminimalkan alarm palsu.


KataPagar


Salah satu plugin yang paling banyak digunakan untuk keamanan WP adalah WordFence. Ini termasuk pemindai malware dan firewall titik akhir.


Dari perlindungan terhadap serangan brute force hingga blok firewall, versi gratis WordFence cukup kuat untuk situs web yang lebih kecil.


If you want additional features such as two-factor authentication, leaked password protection, and advanced manual blocking, you can purchase a premium license. The pricing is based on the number of licenses you buy, starting at $99 for one.


All in One WP Security & Firewall


One of the free security plugins with the most features is All in One WP Security & Firewall. It provides an easy visual interface using meters and graphs.


The plugin is designed for beginners and more advanced developers with its three categories: basic, intermediate, and advanced.


All in One WP Security will protect websites by:

  * Providing file and database security.

  * Enhancing user registration security.

  * Blocking forceful login attempts.


Additional features include the ability to back up .wp-config and .htaccess files. Users can also restore these files if anything goes wrong on their site.


For a full list of all WordPress security plugins, visit WordPress.org. If you are unable to log in, you may have to reinstall your entire site.


If you are more tech savvy, and run a site on your own server, carefully follow the steps below.


Keep in mind that backing up your site and erasing it can be dangerous and should only be attempted by highly technical web owners.


Backup Your Database & All Files


If you’re infected and need to remove malware from your WordPress site, it’s important to protect your content immediately. Before doing anything, make a complete backup of your WordPress site so you can restore it in case anything goes wrong.


Be sure to back up a clean version of your MySQL database and FTP account. There are several ways to back up a site, including via cPanel, phpMyAdmin, and WordPress plugins (such as Vaultpress).


It is highly recommended that all WordPress users backup their site regularly. The steps below outline how to manually remove malware from your WordPress site.


Step 1: Examine Your Files


After you have backed up your entire WP site, download the backup zip file on your computer. Open it by left double-clicking on it. You should see the following files:

  * All core WordPress files.

  * Wp-config.php.

  * .htaccess: This is a hidden file and includes the name, username, and password to your WordPress database. To make sure you backed this file up, use a code editing application or an FTP program that allows you to view hidden files. Be sure to check the Show Hidden Files option.

  * The wp-content folder that includes themes, plugins, and uploads.

  * SQL database.


Step 2: Erase All Files & Folders From The Public_html Folder


When you are sure you have a complete backup of your website, go into your web hosting File Manager.


Find the public_html folder and delete its contents except for wp-config.php, wp-content, and cgi-bin folders.


Make sure you are viewing the invisible files too, including .htaccess as it may be compromised.


If you are hosting multiple sites, you should assume they have also been compromised because cross-infection is common. Follow the same process for all hosted sites on the same server.


Open the wp-config.php file and compare it against a sample wp-config file. You can find this file in the WP GitHub repository.


Also, look through your file to see if anything looks suspicious such as long strings of code. If you are sure something should not be there, remove it.


Now go to the wp-content directory and:

  * Make a list of all your installed plugins and then delete them.

  * Delete all themes, including the one you are using. You will reinstall it later.

  * Look in your uploads folder to see if there is anything in it that you didn’t put there.

  * Delete index.php after you have deleted all the plugins.


Step 3: Install a Clean Version Of WordPress


Navigate to your web host control panel and reinstall WordPress into the same directory of the original location.


It will either be the public_html directory or in a subdirectory if you installed WordPress on an add-on domain. Use the one-click installer or QuickInstall (depending upon your hosting company) in your web hosting control panel.


Unzip the tar or zipped file and upload your files to your server. You will need to create a new wp-config.php file and enter the data from your website backup. You only need to enter the database name, password, and prefix.


Step 4: Reset Permalinks & Passwords


Log into your WP site and reset all usernames and passwords. If there are any unrecognized users, it means your database has been compromised.


You can hire a professional to clean up your database to remove any malicious code.


To reset Permalinks, go to Settings > Permalinks and then Save Changes. This process will restore the .htaccess file and fix your site URLs so they will work. Also, reset all hosting accounts and FTP passwords.


Step 5: Reinstall Theme & Plugins


Don’t install old versions of your theme or plugins. Instead, get new downloads from the WordPress repository or the premium plugin developer’s site. Don’t use plugins that are no longer supported.


If you have customizations from your old site theme, look at the backup files you downloaded to your computer and replicate the changes on the fresh copy.


Step 6: Scan & Re-Upload Your Images & Documents From Your Backup


This step can be tedious, but it is necessary. Carefully look through your images and uploaded files before you copy them back into the new wp-content > uploads folder in the file manager.


Use an up-to-date antivirus program to scan all the files to see if any of them are infected. Upload the clean files back to your server using an FTP client or the file manager. Keep the folder structure the same so you don’t end up with broken links.


Step 7: Notify Google


If you found out that your site was compromised by a warning from Google, you need to let them know that you have removed the malware so they can dismiss the notice on your account.


Go to Google Search Console and log in if you already have an account. If you don’t, register your website.


Find Security & Manual Actions in the left-hand navigation. Click the dropdown and select Security Issues.


Here you will see a report about your site’s security. Choose Request a review and submit it to Google.



Sekian artikel tentang Cara Menghapus Malware Dari Situs WordPress Anda. Baca juga artikel mengenai Cara Menghapus Malware Sepenuhnya Dengan Alat Gratis yang mungkin perlu Sobat ketahui.

Lebih baru Lebih lama