10Web Help Center

Hi, how can we help?

10Web Malware Removal Program

Follow
Copy article URL

in this article

10Web Malware Removal Program

Here at 10web we take WordPress security very seriously and have implemented active and passive measures to stop attacks and malicious intent in its tracks.  But there is always a chance that your WordPress site could get infected with malware. That is why we are happy to offer free WordPress malware removal for all customers to ensure your site, visitors, and our servers are not compromised.

We monitor and periodically scan hosted sites to detect malicious code and proactively clean up a hacked website.

Once a hacked site has been detected, we immediately start the Malware Removal Process and notify the website owner. 

Malware Removal Process

Our process of investigating a site starts with the scanning for issues and removal of infections. This process may take up to one business day. Notably prevalent infections will need multiple rounds of inspection. Some rare cases may require the restoration of your site from a backup. Commonly, malware infects plugins and themes. For this reason, while removing malware infected plugins and themes, your site will be seen as broken. We recommend that the site be put into maintenance mode during the malware removal process. 

Steps Taken By 10Web

The mandatory steps in our malware removal process actualized by our Support team for repaired sites:

  1. Backup Website
  2. The WordPress core will be reinstalled.
  3. SFTP, SSH, and database passwords will all be changed.
  4. If infections are discovered in your site’s plugins or themes, removal of the infected components from the site will be performed.

Additionally, steps that may be done by 10Web

  1. Scan website with 3rth party security plugins.
  2. Temporarily deactivate plugins.
  3. Remove JS injections from Pages/Posts.
  4. Enable maintenance mode.
  5. Etc.

Steps Website Owner Will Need to Take

After we complete removal of malware from your site, you will need to take some additional steps to secure your website.  

  1. Update to the latest version: all plugins, themes, and the WordPress core.
  2. Any compromised themes and plugins removed by our support team, should be downloaded from the developer and installed. Do not clean and reuse the compromised themes and plugins. 
  3. Review and delete all unused and unrecognizable WordPress admin users.
  4. Update all WordPress admin user passwords.
  5. Update all 10Web user passwords.
  6. Based on the nature of the infection, additional instructions will be given.
  7. These steps will need to be taken within one business day of our given request. If these steps are not taken within the requested time, removal of future infections by our Support Team will not be for free.  

Infections Discovered During Migration

During migration, all site files go through a deep scan. If we discover that your site is infected, you will be notified immediately. You will have two options:

  1. Get a premium subscription and 10Web will remove the infection for free.
  2. Cancel the migration, repair the site, migrate the site.

in this article