Make a copy of your website’s files and database
Before you start cleaning, make a backup copy of the entire site, including the database. This can be done in many ways. Some WordPress hosting companies, for example, have a snapshot option that produces a copy of your website in only a few clicks. WordPress security and backup plugins are also available.
WordPress should be installed again
Check to see if the website backup is complete first. After that, delete all site files in public html except those on the server. You can now reinstall WordPress manually or via cPanel.
Install and run a security plugin scan
Install a security plugin of your choice to strengthen your WordPress security and keep track of any suspicious activity on your WordPress website. Run a scan to see if any traces of malware remain after the cleanup.
Remove any security alerts
Search engines and web providers will most likely flag your website if it has been infected for some time. Request a review through the Search Console once all dangerous code has been removed to remove malware warnings from your website.
