WordPress Hacked: dolohen malware
Dolohen malware is one of the most irritating and annoying things you will face. It’s an adware that will turn your WordPress website into an ads house. This will not only make your visitors go away but they will also start hating your website. We will see all the information about Dolohen malware and see all the possible measures that you will have to take.
Hacking attacks and malware are two different things. So, don’t worry, in this case, your website isn’t hacked. Instead, it’s just malware that is damaging your website by showing a ton of advertisements. You will have to clean the infected file and the malware will be gone.
It’s going to be a time-consuming yet easy task.
Overview of Dolohen Malware in WordPress
Dolohen malware is not just limited to WordPress. It has been around for many years now. It is malware that is the most infectious.
It will automatically embed on the browsers. So, if your website is affected by Dolohen malware, it will also affect your user’s browsers. No, directly or automatically but it will start sending the requests. When the user will click on “Add”, it will be embedded in their browser. Of course, the user might not even know that this is a virus. They will surely start blaming you as it was your website and this all started from your website.
That’s the reason we said it will make people hate your website.
We will first see what this malware does.
It doesn’t compromise any data as it is just malware. However, the thing that is most annoying about Dolohen is the advertisement. It will make your website a popup house and it will start showing tons of ads on your website.
If you are using Adsense, your website might even get banned due to this. Some of the ads are redirection ads. So, whenever the user will open your website, they will head over to another website. This process is automatic and people will get fed up with your website. The worst thing about the malware is that none of the ads are user friendly. You will see annoying ads that are not at all suitable for your audience. Some of them are NSFW ads which will make things even worst.
If your website has this, you will have to remove this malware as soon as possible.
Backup your Website
Of course, with these many annoying ads, you won’t feel like backing up your website. However, that’s the first thing you need to do. A backup will help you in many places.
If we delete an important file during our scanning process, it will be harder to retrieve it. Therefore, if you have a backup, you can quickly find the file.
In the same way, if you miss out a step and crash your website by mistake, you will need to restore the previous version of the website. Therefore, it is necessary to do this and make sure that your website has a proper backup.
In the same way, if you already have a previous working backup and you have not updated your website, you can simply restore it and your task is done. However, life isn’t that easy for most people. So, let’s see the steps to clean the website.
Install Security Plugin
We will scan the website for the malware first. For that, you will have to install a security plugin. You can get one of the following security plugins.
There are many other malware scanners you can use in this place. MalCure has specified that their plugin can fix Dolohen malware redirects.
However, if you want to go with the best plugin in the directory, you can keep using Sucuri.
We will leave this to you as both of them will do the work. Just install and activate it.
Once you activate the plugin, you can run the scan.
For that, you will have to go to the plugin dashboard and then run the scan. It will be directly visible and is self-explanatory. So, don’t worry more about it. You can easily run the scan.
Once the scan starts, you will have to wait for a couple of minutes. Thereafter, you can see the infected files. Now, your next task is to fix all the files. You can easily fix all the files.
We will see that in the next step on how you can fix the files once they are detected.
Fix the Files
To fix the files, you just need to click on the fix now button shown after the scan. When you click on the button, it will start fixing all the files that are infected.
Let it run. It might take some, you will have to wait till the process is completed. Once the process is completed, you will see the cleaned website.
That’s not it. You will have to take a couple of more steps to fully get rid of the malware. We will see all the things.
Replace the Files
You can now replace the files if you want. Replacing files means you will remove the infected files from your website and add the new files instead of that. For example, if a file in the plugin is infected, we will remove that particular file and we will add the same file instead of that.
You can easily get the original file from the official website. Just head over to the official website of the plugin or you can head over to the WordPress plugin directory. Inside it, you will find the zip file that you can download. The zip file is available to all.
Now, you can extract the file on your computer to see and find the list of infected files. Once you find the path of the infected file, you can upload the same file in the same path in your file manager.
Just head over to your cPanel > File Manager and go to the path where you found the infected plugin. Once you find the list of the infected file, you can replace the file with the new one.
In this easy way, you can easily fix the files. The infected files will no longer be available. As a result, your website will be secure and you won’t see the dolohen malware on your website. This is not a mandatory step as the malware would probably be removed when you run the scan. However, if you want the extra layer of security, you can do this too.
Thereafter, you can head over to the next step of the process. Here, we will make sure that our website is secured and there are no other issues that need your attention. We will do that by updating the website and taking some of the security measures to ensure the safety of the website. Let’s begin with the process.
Update and Secure your Website
Your next step is to make sure that your website is secure. For that, we will be updating the website.
The first thing that you will have to do is to make sure the website is up to date. For that, we will update the WordPress version of the website.
If one of the themes or plugins are infected, the plugin developer will release the new update and fix the issue in the news release. Therefore, if you have any outdated plugins or themes, you can easily update them.
Further, if some of the plugins or themes are not updated for a while, we recommend you to remove them or find an alternative to them.
WordPress has a huge list of plugins where you can easily find the alternative that you want. Once you find the alternative, you can use that instead of using the outdated version of the plugin. Therefore, you must surely do this if you want to make sure that your website is secure for all users.
The next thing you might want to do is keep the security plugin on the website. The security plugin has now become mandatory if you want your website to keep your website secure and virus free.
With so many plugins out there, it has become hard to keep an eye on all of them. A security plugin will do the job and will make sure that your website is secure. Further, it will also protect you from attacks from hackers. Therefore, you should surely install one.
If you have paid attention from the start, you might be knowing that this is malware which is not just limited to WordPress. In simpler words, your computer might also be affected by it.
So, the next thing you need to do is that you can scan your computer. Even after applying all these steps, you see the malware on your website, it might not be on your website but the computer.
Therefore, you can try checking your computer and see if there are any viruses or malware in it. For that, you will have to install an antivirus and clean the machine.
Even if it was on your website, it’s highly recommended that you clean your computer as well. As we mentioned earlier, the malware might embed itself with the browser. If your browser is affected, you might mistakenly upload the same malware on your website too.
Therefore, it’s better to check it. If possible, you should also clear the browser data and clean the extensions. If you see any unique extensions that you didn’t install, we highly recommend you to remove it.
In this way, your local machine as well as your website will be secure. Therefore, we will surely recommend you to scan your computer and remove them.
Inform your Visitors
Not all people will do this but you should surely inform the entire scenario to your visitors once it is fixed. This will make sure that none of your visitors are facing the same problem.
If the malware was there on your website for a long, it might have affected many visitors as well. Therefore, you will have to think about them as well.
You can also suggest to them the best ways to remove the virus and malware from their computer. Along with this, you can inform that your website doesn’t have the advertisements now. Some people might simply be thinking that you have added a ton of advertisements on your website to earn some cash. It’s always a better idea to clarify things and be sure that none of your visitors hate your website.
You can tell the same thing via email or on your social media pages if you don’t want to post it on your website. Either way, the main goal is to inform your regular visitors that it was malware that has been removed now.
Let’s take an example, if someone visited your website when the malware was active, they will simply think that the website is closed or they are now just showing the ads. When you issue a clarification about the same thing, things will start to fall together. The visitor will know that it was malware and the website is now working fine.
To conclude, this is the exact procedure using which you can fix Dolohen malware and get your website back to normal. One of the most common reasons why this might have occurred is the installation of a plugin from an unknown source. Never install any plugin or theme from an unknown or non-trusted source. It’s highly recommended to download them from a trusted source or the official directory of WordPress. You will surely find all types of plugins in the official directory. So, make sure you download from there. Lastly, keep everything updated, and don’t forget to keep the security plugin active.
How to Clean a Hacked WordPress Website using WP AOS?
WP AOS provides a risk-free WordPress malware removal service. 30 day money back guarantee, the most complete WordPress security plugin called iThemes Security Pro (worth $199 / year) + advanced security setup, and repeated hack protection for up to 1 year is included in the WordPress cleanup service. All of this has an industry best pricing – starting from
$222 / fixed website.
We value your time and thank you for reading our blog. So, we would like to show our appreciation by giving you an additional 10% discount on our malware removal service. Use coupon code WPAOSBLOG10 at the checkout.
WordPress Hacked? Malware Removal Service
Get your WordPress website fixed today.