SOLVED: 5 Easy Steps To Check Your WordPress Site for Hacks & Clean Them Up

If you are having problems with your WordPress site or you just want to ensure it is fully functional, there are several free and easy to use services you should quickly run through:

1. sitecheck.sucuri.net – free scan of your site fo known malware, viruses, errors, blacklisting…
2. godaddy.com/web-security/website-security-check – this is an excellent free tool that tests and reports more information as Securi (in fact it includes Securi)
3. search.google.com/search-console – the Google Search Console (formerly Google Webmaster Tools) will provide you with solid information on problems they have found with your site
   1. If you have not setup your website with Google, you can use their public Safe Browsing Site Status page
4. Wordfence Plugin – Wordfence is the number one security tool for WordPress.  They have a completely free version that is easy to install and not too challenging to configure.  The only Wordfence changes you should make to the defaults immediately after the install is complete is Wordfence > ALL OPTIONS > SCAN OPTIONS  and enable:
   1. SCAN THEME FILES AGAINST REPOSITORY VERSIONS FOR CHANGES – This will compare your themes files to known good versions
   2. SCAN PLUGIN FILES AGAINST REPOSITORY VERSIONS FOR CHANGES – This will compare your the files your plugins use against known good versions
   3. SCAN FILES OUTSIDE OF YOUR WORDPRESS INSTALLATION – which will scan ALL files on your site and not just those managed by WordPress.  This is particularly helpful if whatever attacked your site added .HTML or .ASP pages to your site that you don’t know about
      
5. Your host – after you have gone through these steps, contact your host (i.e GoDaddy, Wix, BlueHost, HostGator…) and have their technical support team take a look