Need Help to remove Malware in wocommerce

We run a wocommerce website, was one of the best performing it had a malware attack through some unsecure plugin, We have tried everythign to remove the and have no sucess, do not want to do a new load as all the customer data and design will be lost.

Plugins dont work any suggestions of help will be much apprciated.

thank you

 

what this malware actually doing , how did you notice its there? how your wocommerce working ?

 

upon visting the website with it shows pop up messages.

 

try to add sucuri in your website , it will sort out, adding just a plugin might not help, you need to scan and check inside some php files like , header.php wpconfig and htacess file , there might b a long line "numbers" like code ..

uninstall any crack plugin if you are using...

or you can submit your website to them with access details and they can help you.

 

Many thanks and much appropriated for taking your time to advise and reply. Yes this plugin is already added now on to new installs, It turned out theme from theme forest was infected with this numbers code . which was redirecting to allow page and then to a an affiliate chinese site.
However damage is already done as our Vary best working website is down and its been 19 days Main advertising account is suspended .

 

Sorry about your loss. But for future purposes, I will summarize how I 100% handle stubborn Malware:

• First, lock them out by changing Passwords to all doors and windows to that website.
  What I mean is, Change the password to the following:
  
  • WP Admin
    
    
  • cPanel (If u use it)
    
    
  • FTP Passwords
    
• Install WordFence: This is the best security plugin to me. I have gone through their source code and they know their work.
  
  
• Scan your entire website with WordFence and delete all infected files. (Don't attempt to repair). Just delete them.
  
  
• The previous step is probably going to break the website, so you should have WordPress files and your theme files as a backup. Now if your website breaks, simply copy back the WordPress/Theme files via FTP. (You should be able to tell what is missing from the error log).
  
  
• At this point, your website should be clean. However, there are some really stubborn Malware that hides in the Database. And WordFence and many other security plugins have issues detecting some Malware in Databases.
  

In this case, here’s a “Not so efficient” way I fix it.

• Export the entire Database as a .sql file
  
  
• Rename that file to .php
  
  
• I then use a PHP Malware scanner I am currently developing to scan the newly renamed php file. (Feel free to contact me if you would like to know more about my scanner)
  
  
• When I find the malware, I try to identify the post this malware was placed on (Usually, Malware that resides in the Database would be placed as a Js/PHP code snippet). So it becomes easy to simply remove the affected area.
  
  
• Once this is removed, Congratulations!, your website is Clean and secure.

Another reason I like WordFence is because if maybe a skilled hacker finds a 0 Day vulnerability in your website and breaks into your Website again, you will get an Email before they are able to do anything. And you keep getting emails if any of your files is being modified.

 

Removing malware from your WooCommerce site requires caution. Consider a professional for guaranteed safety. If determined to do it yourself, back up your site completely first! Then, identify and remove suspicious files, update plugins/themes, change passwords, and run a security scan. There's a risk involved, so proceed with caution.

 

You can try using a security plugin like Sucuri or Wordfence to scan and remove malware. Also, your host's control panel usually has an antivirus that you can scan.

 

Additionally, utilizing the antivirus tools available in your hosting control panel can provide an extra layer of security. It’s always good to have multiple layers of defense when it comes to website security.
Remember to keep these security plugins updated to the latest versions to ensure they can protect against the most recent threats.