WordPress Doctor received the question, “Is a WordPress site restored from a backup prior to a malware infection safe?” This section explains whether or not a WordPress site restored from a backup prior to a malware infection is safe.
Is it safe to restore a malware-infected site from a pre-infection backup?
As it turns out, in some respects, even a site restored from a backup may not be safe.
1 Malware infected at the time of backup
There is a possibility that the site restored from backup already contains malware (backdoor), which was also restored in the backup.
2 The vulnerability that allowed hackers to enter the site at the time of backup remains.
The vulnerability that caused the malware infection was present on the site at the time of the backup, so it is possible that the vulnerability has not been resolved after restoring from backup.
In this case, even if the site is restored from a backup, it is necessary to further increase security by updating WordPress and plug-ins, changing user passwords, etc.
3 The site restored from a backup may not itself be the source of the infection.
Some malware today can spread via other sites on the server. For example, if you have two WordPress sites A and B on your server, even if you restore A from backup, if B has this type of malware, no matter how many times you restore A from backup or how many times you fix the vulnerability, you will soon be reinfected via B.
How can I restore my WordPress site from backup to make it even more secure?
If your WordPress site is infected with malware and you restore it from a backup, we recommend that you take the following additional safeguards
1 Security Measures
The following measures are the most effective.
Update WordPress and plug-ins, remove unused themes and plug-ins.
Remove unauthorized users and change passwords to more complex ones for users with administrative privileges.
Reference
Five free WordPress security measures
2 Malware removal security measures for other sites on the server
It is important to eliminate the possibility of malware infections that spread across folders within the server.
Malware Scanning and Removal
You can easily scan and remove malware with the [Free] WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal].
Vulnerability Prevention
Update and change passwords not only for sites with malware, but also for all other sites on the server to make them more secure. This is the same as the vulnerability countermeasure for the backed-up sites mentioned above.
If re-infection occurs repeatedly, we recommend that you consult a specialist.