I have a bunch of WordPress sites that I host with the same hosting company. I manage them with the same account so they sit in the same root directory.

I noticed that one of my sites was infected with malware. Is there a quicker way for me to check all my sites other than installing an anti-virus plugin in each of my websites and scanning that website?

It's hosted with a webhosting company so I cannot install software on the server just like that.

I have a bunch of WordPress sites that I host with the same hosting company. I manage them with the same account so they sit in the same root directory.

I noticed that one of my sites was infected with malware. Is there a quicker way for me to check all my sites other than installing an anti-virus plugin in each of my websites and scanning that website?

It's hosted with a webhosting company so I cannot install software on the server just like that.

• security
• management
• virus

• Your sites are not separated, so yes - all of them can be infected. But no - scanning them with anti-virus software won't solve your problem - anti-virus software does not detect PHP backdoors. – Krzysiek Dróżdż Commented May 16, 2019 at 8:08

1 Answer 1

The only way that I have found (and used) to get rid of 'unauthorized' code is to manually check everything. This includes

• changing access credentials for hosting, ftp, databases, admin-level users. Strong passwords, of course.
• reinstalling everything (themes, plugins, custom code) from known good sources via a manual FTP process. Also, reinstalling WP from the Admin, Update area.
• checking all folders for files that shouldn't be there. Since you updated all files, sort by datestamp, which should make unauthorized files stand out from the recently updated files.
• look for unauthorized WP users

There is more to this procedure; I've developed a good checklist that I use here. It takes a bit of time, but my process has been successful in cleaning up sites for my clients. There are lots of googles/bings/ducks on cleaning a hacked site, also.