Malware Removal for WordPress

Do you have a WordPress website that has been compromised?

If your WordPress website or other self-hosted website has been hacked, this can be a stressful time for you and your business.

We have the expertise with our global 24/7 support team and our partnership with Sucuri to help you in these situations.

Signs your website may be hacked:

  • Suspicious and unknown admin users were added to your WordPress account.
  • Customers are reporting being redirected to a spam website.
  • Files are disappearing or your website will repeatedly not load without hosting issues.
  • Files have become infected with malware.
  • Your site has been listed as a bad actor.
  • You or people are getting security virus warnings when visiting your website.
There are many ways to increase your website traffic, but here are a few tips you can quickly implement for your business now

Fast clean up powered by our expert team and global security leader Sucuri

How to check my website for a virus

There are a number of tools you can use online to help determine if there is
something wrong with your website.

We work with global and trusted leader Sucuri, to protect and remove malware from WordPress websites. Sucuri also provides a free WordPress malware scan checker here. Note, the scan is limited to public files and cannot detect everything.

In order to understand if your website is hacked or has malware, we will need to take additional steps to examine its status, files, and vulnerabilities.

How to check my website for a virus

You can also determine if your website has been hacked or contains malware by using a virus scanner. Some web hosts (like us) include this scanner free in cPanel or account dashboard. These scanners can help to check through common files and identify if anything looks out of the ordinary.

Spam filters in cPanel - Green Web Hosting service

Check if your WordPress website has a virus using the virus scanner in cPanel.

If those options are not available to you or you are still not sure whether your site has been infected with malware or a virus, then you can speak to your web hosting provider.

To identify who your provider is, you can search your domain (web address) using This will usually show you who is hosting your website. This can be seen by the nameservers in some cases, or if the company is the same one you purchased your web address (domain) from in the registry details.

For example, clients on our green web host network have a nameserver which displays our business information.

Our Do Good Principles to Website
+ WordPress Malware Removal



If we are unable to find any security flaws, we’ll let you know. And if we find something, we will do our best to tell you the possible cause.

solution focused

Solutions focused

We work with you to resolve the issue fast, as both Sucuri and our 24/7 green web host technical support team aim to deliver the best expertise for your small business.



Once the malware has been removed, we’ll delist your site with over 70 databases like Google, McAfee, ESET, PhishTank, Yandex, Opera and more.

How we remove malware on websites

We act fast to protect your website and remove the infection. Order the service
online and your website will be sent for action in a few short hours.

Step 1
We take an in-depth look into your website. Both the public view that most scanners rely on, and then the backend files attached to your server. This provides us with a detailed look at your website and to identify often missed security flaws.
Step 2
Our team of security experts will identify the possible cause of the virus or infection. In most cases we’ll be able to see some signs which will indicate how the virus, phishing, or malware got into the website.
Step 3
Remove the malware, virus, and infected files with fewer disruptions. Working with Sucuri and our 24/7 team of green web hosting experts, we’ll clean your website files fast. In most scenarios, we will be able to fix it without disrupting your business.
Step 4
Provide a detailed report with key recommendations: After finding the cause and removing the virus or malware, we will be able to provide you with a detailed analysis of what went wrong and what steps you can take to avoid it happening again.
Step 5
Delist your website from over 70 backlist databases: We’ll check if your site has been listed on any blacklists. These can prevent website visitors from accessing your website. For example,McaFee will stop users with their software from entering your website if it’s been blacklisted due to a virus or malware.
Step 6
Project management in Australia: We’ll manage the entire process on your behalf and keep you in the loop. Our aim is to do so without any technical jargon or confusing lingo. We can even arrange a phone call to discuss any questions you may have about the process if you need.
Step 7
Project management in Australia: We’ll manage the entire process on your behalf and keep you in the loop. Our aim is to do so without any technical jargon or confusing lingo. We can even arrange a phone call to discuss any questions you may have about the process if you need.

Frequently Asked Questions on Malware Removal

Select a common question from below.

We’ll need to know your website address and login details. Please note that we will only access your website temporarily, for the purpose of the clean-up process. After we finish up, you will be asked to change your login details to protect your site from the infection or virus that may have collected this information.

You can provide login details in the following forms:

  • FTP (File transfer protocol) – ask your web host if not sure.
  • sFTP
  • SSH
  • cPanel
  • Plesk
  • Website login e.g. WordPress backend


Note: You may need to provide more than one option.

In most scenarios, your website will be analysed and the malware or virus removed within 24 hours or less.

If we identify that your site requires further investigation, there may be a delay. However, we will do our best to keep you up to date and get your small business back and running with minimal disruptions.

We perform malware removal services on a wide range of content management systems including, Drupal, Joomla, Magento, and more.

There are a number of ways websites can be hacked.

A common way a website can be hacked that self-hosted websites like WordPress is prone to, is by not updating the website’s plugins and theme files. When a developer or WordPress updates these files for users, it’s for both functionality and security reasons.

Unfortunately, there are people in the world wide web who enjoy crawling through sites and identifying those with vulnerabilities like this. Hence, they can easily detect a website that is not up to date. Often they do not know who your business is, or anything about your story – nor do they care. They see this as a game of skill or, in some cases, a way to remind people online the importance of good security.

In addition, another common method is brute-force attacks. That’s when a website hacker will try and guess your password. Hackers do this based on common words, or may even use other information on the internet to determine your password. It’s important you be careful what you share publicly, and set strong and unique passwords to avoid this.

Our ability to detect virus, malware, infections, or loopholes are limited if we only have access to your public website. Even if your website is obviously hacked, we need to find the root cause to solve the issue.

Some website security software and agencies only check your site based on your content management system. Our approach is to analyse your entire website, including the server your site may be hosted on. This is crucial to understanding and fixing the issue.

Most web hosting companies use third-party tools to detect a virus. And in many cases, they can suspend your website immediately if they find it contains malicious content. This is to protect other users and their servers.

However, their efforts are limited and you cannot rely solely on your web host provider. In addition, many web host companies do not have the resources or skill to remove malware or find the root cause.

The quicker you can solve the issue, the better.

As your site will be blacklisted by more providers (including Google and McAfee), this will affect user access to your website and also impact your website’s reputation in general, as users will be warned that your site is unsafe.

We do not scan computers. We scan your website and its related server contents. Your personal computer and devices should use an antivirus and malware program with regular scans to avoid infections.

It’s important to remember that if your computer has a virus and you upload a file to your website that is infected, you may be putting your customers and business at risk.

Common software providers include Norton Security and McAfee. We are not affiliated nor responsible for either solution.

A website blacklist can prevent users from entering your website and will likely impact your conversions and reputation as a business.

When a site is blacklisted, it will often lead to an unsafe warning being seen by website visitors. It can also impact on your organic search ranking.

If your site is blacklisted, you must submit a delist request to the provider. Although these tools frequently check sites, once a website is listed, very rarely will it be delisted automatically, even if you have restored the website from a backup that you deem or is safe.

As part of our malware removal service, we will check a database of more than 70 providers and send a delist request if any are listing your website.

If you follow our post clean-up recommendations, your website will be less likely to be infected again. However, there can be no guarantees. Whilst  we make every effort to trace and remove an infection, other factors may be at play. For example, your computer may be infected, so if you continue uploading files to your website, this will still result in issues.

Another example is if you use less strong passwords. If people gain access to your website backend, this can also cause issues.

You can use the Sucuri Site check scanner. However, this won’t detect everything. You should ask your current web host or provider to scan your site as well.

If you identify anything suspicious, there is likely an issue somewhere with the website.  This may not be malware or a virus, think for instance an issue with a plugin causing an unknown pop-up for instance that is not malicious (harmful) in nature.

If you need us to perform a backup before we work on the website, please let us know. It’s important that you always have a backup of your website regardless if it is safe or not. Having a plan B and C as part of your backup strategy is incredibly important.

If you purchase our malware removal service you will not need to purchase a subscription. However, if you were to go to Sucuri directly, that’s the only way to use their service.

We are able to provide access to Sucuri and our expertise as we are a Sucuri agency partner. If you are interested in Sucuri protection and removal for your website long-term along with many other benefits, you may like to consider our green web hosting plans.

Here are some tips to protect your website from malware or infection:

  • Use a strong password and change it regularly
  • Don’t use the same password as you have elsewhere
  • Choose a secure web hosting provider
  • Add a trusted security plugin or software to your website
  • Invest in a security firewall to block attackers e.g. Cloudflare or Sucuri.
  • Add malware scanning or monitoring to your site or server
  • Keep control of your website by minimising access to data
  • Use trusted themes and plugins that are well rated and updated
  • Use an SSL certificate
  • Protect your computer and device from virus and malware

You can find more on our 8 ways to secure your WordPress website article.


Is your website safe and secure?

Order our analysis and removal service now.

Is your website safe and secure?

Order our analysis and removal service now.

Disclaimer: You agree to our terms and conditions when using this service. In addition, during the clean up process, our team and Sucuri may need to modify, remove, add or update files on your site. We’ll do our best to keep everything running as it should, with minimal downtime and disruption. We may also access your database and administration panels e.g. cPanel. This is necessary to complete the in-depth investigation, identify the root cause and protect your site. If you notice any errors, please let us know and our team will aim to fix it ASAP. If your site has been blacklisted, we will also submit your website for a review. We make no guarantees for this service and ask that you follow our post-clean-up instructions to avoid your website from experiencing these issues again. In some cases, blacklist providers may relist you incorrectly. If this is the case, we’ll resubmit the delist process on your behalf. Note, if we find that the site has been reinfected from misuse and this is the reason for the relisting, you will need to acquire this service again. You also agree to the terms stipulated by Sucuri with the exception of any request for subscription as this service does not require this.