If your website has been compromised, follow these steps to clean and secure your hosting package. This guide also explains common causes of infections and provides tips to prevent future issues.
Possible causes
A hacker or virus does not simply appear on your website, and the chances of an entire server being infected are extremely low. In most cases, the cause is a security vulnerability on your computer or in your website. An attacker can obtain your login credentials or upload unwanted files through any of the following:
- Using insecure (short) passwords.
- Outdated software on your web space, such as Joomla or WordPress installations.
- A vulnerability in a self-written script, such as cross-site scripting (XSS) or an insecure file upload.
- A virus on your computer, which makes it easy for an attacker to obtain your passwords.
- Passwords stored on your computer, typically in software such as FileZilla, Outlook, or Thunderbird.
Recovery
We recommend taking the following steps before restoring your website to its previous state. This helps ensure a sustainable solution to the problem.
1. Scan your computer using a reliable antivirus program.
2. Remove all saved passwords from your computer, such as those stored in your browser or FTP software.
3. Change all passwords, including those for database accounts, DirectAdmin, FTP accounts, and e-mail accounts. Also update passwords for any software on your web space (Joomla, phpBB, WordPress, etc.). Use strong passwords with at least 8 characters, including uppercase and lowercase letters and special characters.
4. Update all software on your web space. If you installed software via Installatron, you can update it there. Otherwise, update all software manually.
5. Check all your scripts for errors or security vulnerabilities.
Once these steps are completed, scan your website for leftover code, folders, or files that do not belong on your web space and remove them.
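One way to carry out this scan on a downloaded copy of your web space, as an added example that is not part of the original guide: the Python script below flags PHP scripts located inside upload or cache directories and scripts containing constructs typical of injected code. The directory names, the patterns and the three sample files are assumptions chosen for illustration.

```python
import os
import re
import tempfile

# Heuristics only: these constructs are typical of injected PHP but also occur
# in legitimate code, so review every hit by hand before deleting anything.
PATTERNS = {
    "eval of decoded data": re.compile(
        rb"eval\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    "request data executed": re.compile(
        rb"(eval|assert|system|passthru|shell_exec)\s*\(\s*\$_(GET|POST|REQUEST|COOKIE)", re.I),
}
SCRIPT_EXT = (".php", ".phtml", ".php5", ".phar")
UPLOAD_DIRS = {"uploads", "upload", "images", "cache", "tmp"}  # assumed names

def scan(root):
    """Map relative path -> reasons for every script under root needing review."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if not rel.lower().endswith(SCRIPT_EXT):
                continue
            reasons = []
            # Upload and cache folders should hold data files, not scripts.
            if UPLOAD_DIRS & set(rel.lower().split("/")[:-1]):
                reasons.append("script inside an upload or cache directory")
            with open(path, "rb") as fh:
                data = fh.read(2_000_000)  # bound memory use on very large files
            reasons += [why for why, rx in PATTERNS.items() if rx.search(data)]
            if reasons:
                findings[rel] = reasons
    return findings

def demo():
    """Scan a constructed three-file site copy (sample data, not a real site)."""
    sample = {"index.php": b"<?php echo 'home'; ?>",
              "media/uploads/logo.php": b"<?php echo 1; ?>",
              "includes/cache.php": b"<?php @eval(base64_decode($x)); ?>"}
    with tempfile.TemporaryDirectory() as root:
        for rel, body in sample.items():
            full = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(body)
        return scan(root)

if __name__ == "__main__":
    print(demo())
```

To check your own site, call `scan()` with the path of the folder you downloaded over FTP. Compare each flagged file against a clean copy of the same software version before removing it.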
If you have a backup, you can restore it. However, be aware that the backup file may also be infected. After restoring the backup, update your website and change all relevant passwords.
We recommend not saving FTP or other passwords on your computer. Enter them manually each time you connect, as saved passwords can be easily compromised.
Antivirus scanners
There are several good free antivirus scanners available for download. Examples of free antivirus programs include AVG, Avira, and Avast!
In addition, you can run a malware scanner such as Malwarebytes. This scanner is always a valuable complement to your computer’s security, even if you already have an antivirus program installed.
There are also specialised scanners available for specific types of viruses, such as TDSSKiller by Kaspersky.