Overview
If your WordPress site shows redirects, unknown admin users, strange PHP files, or spam pages, it may be infected with malware. Follow this guide to clean it safely.
1. Scan your hosting account
DirectAdmin includes a built-in virus scanner:
- Go to Advanced Features → Virus Scanner
- Scan public_html
- Remove suspicious files
2. Change all passwords
- WordPress admin
- All users
- MySQL database password
- FTP accounts
- Email accounts
3. Reinstall WordPress core files
- Go to Dashboard → Updates
- Click Reinstall WordPress
4. Delete unknown plugins and themes
Remove anything you don’t recognize.
5. Clean .htaccess
- Open File Manager
- Rename .htaccess → .htaccess-old
- Go to wp-admin → Settings → Permalinks → Save
6. Check wp-config.php
Make sure no strange code exists at the top or bottom of the file.
7. Restore from a clean backup
If you have a backup through DirectAdmin or your plugin, restore it.
8. Install a security plugin
- Wordfence
- iThemes Security
- All-In-One Security
