Malware on WordPress
Yesterday, I got some warnings about a potential malware or virus on my site. So I spent some time hunting down whatever caused the warnings. I picked up some valuable lessons in my hunt and I just want to share those.
- I ran my site through a number of free online malware scanners and nothing came up
- I found the online security company Sucuri and ran their free tests and still nothing came up
- I signed up for a paid account and got their WordPress Security plug-in
- Using Sucuri’s Security plug-in, I ran all their tests and STILL nothing came up. See these screenshots:
- Then finally, I enabled Sucuri’s server-side scanning, and that scan finally came up with a number of warnings, including malware warnings! See the following screenshot:
- I issued a manual malware removal request and provided Sucuri with login to my site
- A couple of hours later they mailed me and reported that they had removed all malware from my site
- After having had malware removed, I followed their instructions and:
  - Changed my FTP passwords
  - Changed my administrator password and cleaned up accounts
  - Ran a virus scan on my laptop
  - Updated my site with all core files
- I then deactivated and deleted plug-ins that I don’t use anymore
- During this process I discovered that my hosting provider, Bluehost, runs backups of all my sites and has weeks of backups in place, if I needed to revert back to a previous date
- Just to be safe, I downloaded the WP to Dropbox plugin and scheduled a daily backup to my Dropbox
- I ran through all Sucuri’s “1-click Hardening”-commands on my site, closing holes and vulnerabilities, and turned on continuous server-side scanning
- Just because I’m so happy with Sucuri’s product and service, I added their badge on my site which links to my site’s listing on their site…
So there you have it. I learned a lot during this process, but what I’m most happy about is to have found Sucuri. Their product worked really well and their service was super fast. Now, I feel much more secure knowing that their service constantly monitors the health of my site.