What to do, if the website is infected?

First aid

If your website is infected or you received a notification that some harmful software was detected at your account, you should:

1) Scan your website for viruses. Remove any detected harmful software:
How do I check my website for viruses?
Harmful software detection for WordPress

Cure your website using Virusdie

You can cure you website with use of Virusdie. It does not merely delete certain files or quarantines them, but it can also provide anti-virus treatment by removing harmful code or even adding missing segments of code to keep your website up and running. Main article: Virusdie anti-virus

At this step, you can also recover your website from a backup copy: How to recover website or download backup

Warning

Please note that website recovery with use of a backup will eliminate the root cause of the problem. After you have completed the recovery process, it’s necessary to follow steps 2 and 3.

2) update the CMS in use to the last stable version. Update all the connected add-ons and plugins;

3) refresh all the passwords that you use:

  • main password for hosting service;
  • passwords for FTPs of all additional accounts;
  • password of the database user;
  • password of the website administrator.

How did my website get infected?

The most common causes of website infection are:

  • vulnerability in the current CMS version;
  • vulnerability in the installed CMS add-on (themes, plugins, modules);
  • viruses present on the computer that is used for administration of the website.

Most often, websites are hacked in an automatic mode with use of special software. Hackers collect a massive database of websites from search engines matching certain criteria, for example, having particular versions of popular CMSs (Joomla, WordPress etc.) and their plugins that are known to be susceptible to some vulnerabilities. Then, a harmful code segment is embedded to the website files. That’s why you need to always timely update your CMS and plugin versions.

On the hosting end, your files have maximum protection and even if another client’s website gets infected, your website will be safe.

How can I protect my website

To prevent your website from being hacked you should follow a few simple rules:

  • establish individual rights for different directories and site files. Try to avoid the ‘777’ rights, as such credentials let any user have full access to files and directories of your account. Use the ‘777’ rights only in a case it’s really necessary;
  • keep track on updates of the CMS you use and its plugins on official sites and install them in a timely manner;
  • use only official CMS themes and plugins. Cracked (nulled) versions of paid scripts often contain viruses;
  • use complex passwords (with the length of 8 characters or more, containing numbers and both uppercase and lowercase letters). Remember that simple passwords are easy to guess.
  • use anti-virus software and update anti-virus databases regularly;
  • use up-to-date browser versions:
    • Mozilla Firefox;
    • Google Chrome;
    • Opera;
    • Safari.
  • don’t store your passwords in FTP clients. Viruses often get information from FTP-clients.