We have compiled a list of precautions for malware removal for a group of WordPress sites spanning multiple domains on a single server.

Dangers of running a large number of domain sites on the same server

Increasingly, malware today scans multiple WordPress sites that share the same parent folder (root folder) and spreads malware.
It is also becoming increasingly common for hackers, through backdoors or other means, to search for other websites on the server and embed new malware on those sites.

Therefore, if you have dozens of sites on a single server subscription, even sites with no security issues can have malware embedded via an old WordPress site in a different folder. In the worst case, the malware infection can spread to all the sites on the server.

Malware removal for multiple sites on the server

The aforementioned “scan multiple WordPress sites that share the same parent folder (root folder) and spread malware” function may be automated so that the sites are reinfected each time they are accessed.

Therefore, if multiple sites on a server are infected with malware and you perform malware removal on each site, the previous site may be reinfected while you are working on the next site.

For this reason, when multiple sites on a server are infected, it is advisable to use the following strategy for malware removal.

Malware disinfection of all sites on the server, and then replace all the decontaminated sites at once (perform malware disinfection of multiple sites at once to avoid as much time delay as possible).

If you want to remove malware from each site one by one, migrate the malware-removed sites to a different server (another contracted folder on the same server is also acceptable) and make the server only for the malware-removed sites.

Malware inspection and removal can also be done from the WordPress plugin.
Free] WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].

Security Measures

In addition, even after malware removal has been performed, if the vulnerability that allowed the hacker to enter the site in the first place remains on any of the sites on the server, it is possible to be hacked again.

We will take security measures for all sites on the server, paying special attention to the following points

・Make the administrator user’s password a random string of at least 12 characters. Investigate whether any unauthorized users have been registered.

We will investigate the vulnerability of plug-ins, etc., and update or discontinue their use if vulnerabilities are found.

For other important security measures, please refer to the following
5 free WordPress security measures

Related Posts:

  1. Notes on what to do if multiple WordPress sites across the server have been infected (tampered with) by malware.
    We will explain the precautions to take when multiple WordPress sites across the server have been infected (tampered with) by malware....
  2. What to do when multiple (or all) sites on a single server are infected with malware
    We are seeing an increasing number of cases of multiple WordPress sites on multiple domains within a single server, all or many of which are infected with malware (viruses and tampering)....
  3. What to do if you have multiple WordPress sites on your server and find that they are infected with malware
    If you have multiple WordPress sites on your server and find that they are infected with malware, here is what to do....
  4. Why does WordPress malware (tampering) spread to all sites in the server?
    I would like to explain why WordPress malware (tampering) spreads to all sites on the server....
  5. It is dangerous to get rid of WordPress malware infected sites one by one!
    If you have multiple WordPress sites on multiple domains under a single contract, and it is clear that several of them are infected with malware (tampered with), it may be dangerous to repair them one by one....
  6. If you have unused or abandoned WordPress sites on your server, we recommend that you delete them.
    If you have unused or abandoned WordPress sites on your server, we recommend that you delete them. We will explain the reasons for this and how to delete an abandoned site....