Virus and intrusion cleanup on WordPress sites

WordPress is a very secure platformThanks to its wide use, it is a well-tested and perfected tool, although it normally contains third-party items that may not be as well perfected and is also in a highly exposed environment which requires a good maintenance to prevent someone with bad intentions from accessing and taking control of the website.

The Internet is an environment that requires high levels of security.

Imagine a wireless garage door opener, traditionally they have been hacked in a very simple way, just by having the right device and listening to the radio frequency signals emitted by one of the remotes, someone specialized could replicate that signal and open the doors.

The security of these garages is not based on the security provided by the remote control; the remote control is only a small barrier that adds to the need to be physically in the garage and not to carry out activities that attract the attention of the neighbors.

But imagine that with the procedure you already know you can hack all the garages in the same neighborhood at the same time and gain access without anyone noticing. This is how intrusions are carried out on the Internet. Internet security has to be ruthless, the barriers must be complete, no loose ends can be left untied.

Good understanding of viruses and intrusions

They usually get in by taking advantage of a known security problem, constantly looking for (increasingly bizarre) methods that they can exploit to gain access to the website or server.

The second most common case is because, by some method, they have managed to find out the password.

These are usually not targeted attacks, but rather automated attacks launched on any website that comes their way. Web sites receive attack attempts of all kinds constantly, at least hundreds per hour.

Prevention is necessary to prevent them from gaining access.

When the virus enters the website the first thing it usually does is: hide to make detection difficult, replicate to ensure its survival and open “back doors” to allow easy access to its owner.

Once it has spread, only a thorough review can ensure its elimination.

The goal is to take advantage of your server or website resources: Using it to send spam benefiting from your reputation, as a phishing site to perform scams, doing SEO to affect a third party, displaying advertising, mining cryptocurrencies, stealing data and/or using it to perform other attacks.

Cleaning and prevention

At GIGA4 we know the preventive techniques to secure a website. As well as the procedure to be followed in the event of a security breach of any kind.

We have experience solving this type of problems in very different web sites and with peculiar casuistics.

Our protocol includes a review of the site files both manually and with heuristics and checksum checking, database analysis, site updates to address known security holes, changing salts and all passwords, as well as various prevention techniques.

Screenshot of the tesla.php virus, cleaned by Francisco in February 2023.

We eliminate viruses

We look for them where they are, anticipate what they are doing and eliminate them. We do this in a cloned environment to prevent their spread as we make them disappear.

Web security

By updating the site, we close known security holes. In addition, we introduce preventive measures that block the most common operations that lead to an intrusion. Finally, we offer you our maintenance service.

Priority solution

We know that a virus is a major problem that affects the operation of the website and needs to be fixed as soon as possible. We give priority to the solution of this type of problems.

We are real and human

We collaborate with the WordPress project through the “Five for the future” program. Francisco is part of the plugin review team, proactively collaborating with the security of the WordPress ecosystem. Roberto is part of the community team, organizing and participating in non-profit events to raise awareness of the tool, provide training and create professional connections.

We are a registered entity in the catalog of cybersecurity companies and solutions of INCIBE, the national cybersecurity institute in Spain. This registration proves that we are a registered entity in Spain, we provide security solutions, our site complies with the legislation and is secure.

Do you think we can help you?

If you have had a problem related to a virus or an intrusion in a WordPress site, contact us, we will tell you the first steps to follow and we will review your case to give you an effective long-term solution.

Talk to us

    L-J 11-17h
    • Granada
    • Valladolid
    • Berlin