If you run a WordPress website and want a quick and FREE scan to see if you have picked up any malware, pop over to sucuri.
These guys specialise in malware scanning and cleaning services for all websites. They also have some interesting articles in their blog – for example “how to create a website backup strategy” – which is a good read for anyone.
When your site is attacked, Google may notice and then your site will be effectively taken off-line until you have fixed and submitted to Google that it is fixed, they will check the site again and report back. This can all take some time – so it’s far better to have some sort of security already setup to ensure that your site is nice and secure!
Other WordPress tools to use:
Anti-Malware and Brute-Force Security by ELI. Provides a free plugin that will scan your installation for malware and identify potential threats. FREE Registration to automatically download the latest definitions and signatures.
Wordfence Security. A very popular (over 1900 5*’s at last count) plugin. You can also see ‘real time’ traffic on your website with this plugin.
Rename WP-LOGIN.php. This is a very lightweight plugin that will intercept and stop people accessing your login page (standard login page from wordpress). It’s non-destructive, which means that you can uninstall the plugin and everything will be back to how it was – lightweight as well – only 6k in size, so will have a minimal impact on your website.
Other Articles worth Reading:
Elegant Themes article about what to do after being attacked by malware.
Elegant Themes article about security with your WordPress website.
Keeping wordpress secure, from the guys at wpmudev – always a wonderful read… and http://premium.wpmudev.org/blog/keeping-wordpress-secure-the-ultimate-guide/