Support » Fixing WordPress » All of My WordPress Sites Have Malware

  • I have tried Wordfence, deleting all of my wordpress files and uninstalling wordpress. However my sites still say DANGEROUS! This site ahead contains malware! I would say about 75 percent of all of my websites have this problem. I used wordfence and fixed all the problems that showed up. I still have this problem. If somebody could help me that would be amazing. This is really cutting into my work as I have a lot to get done.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator Steve Stern (sterndata)


    Forum Moderator & Support Team Volunteer

    Remain calm and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are two.

    the question is have you removed all the malware infection or not ?

    To find out you need to run 2 scans on both these websites:

    If the scans say that you have everything clear but browser blacklisted then congratulation! In this case you just login to your google webmaster tools account and then go to security tab of your websites and confirm to google that you have cleared out your website.

    Keep me updated

    [off-forum contact info redacted]

    Thread Starter SnoopyDrew


    I ran a scan on one of my sites that I deleted wordpress from. And it says blacklisted. However I ran a scan on one of my other infected sites that has been left alone. And it says,malicous and blacklisted. Does that mean as long as I delete wordpress and get it confirmed by google webmaster tools. I will be able to do this to all of my sites? Thank you by the way!

    You don’t need to remove the entire wordpress instalation. the scan will locate the malware for you so you can go to your ftp and remove that malicious code or files. Usually malware sits in index.php , .htaccess, theme files (header.php, footer.php, etc.), plugin files, wp-config.php. Yes! When it only says blacklisted you only need to to confirm through webmaster tools and then wait for 2 hours – 24 hours for the blacklists to be removed.

    By the way, after you clean up your website. make sure to scan and clean your computer as well with these malware cleaners:

    Then you need to remove any free antivirus you are using and start buying internet security suites or use comodo internet security for free (

    After you have done all this, now you need to change all your ftp, wordpress, cpanel/plesk, shell passwords.

    Advice: AVOID installing NULLED scripts or pirated wordpress themes/plugins, shaddy torrents, browsing 3rd party websites without an internet security suites. Keep your work computer for just work and use another one to do things you like to do.

    No problem mate! Let me know how it goes 🙂

    • This reply was modified 4 years, 10 months ago by mcfreder.


    You don’t need to remove the entire wordpress instalation. the scan will locate the malware for you

    While scanners are great tools, don’t rely on just those scanners as an authoritative indication of whether or not your site is clean. There can be considerably more to it than that.

    You should investigate (in-depth) and follow the guides and instructions @sterndata pointed you to.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘All of My WordPress Sites Have Malware’ is closed to new replies.