My Site is Infected with Malware

Malware is the plague of the internet. It comes in many forms such as unwanted pop up adverts or an .exe file that will infect any visitors to your website, should they click on it. However some malware may not show any obvious signs at all. As the website owner, it is your responsibility to deal with malware by taking action as soon as you're aware of it which may even include taking your website offline.

Identifying Malware

Information It is always recommended that you use a virtual machine to test any website for malware due to the risks of you infecting your own machine.

Inserting code is a common method of hacking that will exploit security vulnerabilities - any form that is open to a guest or member which can be submitted is a target. Check that any comment boards, or similar areas alike, aren't displaying any adverts or links that you've not placed. Also looking for any strange looking gobbledygook code or text as it may show a sign of an attack.

You can check your website using Google SafeBrowsing diagnostics by visiting this web URL and changing the example shown to your website address -

Test any downloaded software that may be available on your website and also download your website's files and conduct an anti-virus and/or anti-spyware scan. Please again remember to use a virtual machine if doing this.

Removing Malware

It may be a hard decision, but if your site has malware you may need to consider taking it offline to avoid putting customers and visitors at risk.

Remove all offending code and fix any underlining security vulnerabilities must be done.

It is important that you remove all links and adverts to malware sites from your site. If your website also provides any software downloads, disable these until you are sure that they are not infected.

Edit or remove any user content where malware is present.

Check for any 'backdoors' that unwanted guests may have left for another attack in the future.

Preventing Malware

Prevention against a malware attack in the future is the most important thing.

The most commonly targeted websites are ones that use 'off the shelf' platforms such as Wordpress and Joomla. These are open scripts that a potential malicious visitor could have investigated to find an exploit for. It is for this reason that you ensure that your software is up to date because new releases may patch any exploited sections or code weaknesses.

Using strong passwords are consistently recommended because if you have weak FTP details for example, a malicious user could place whatever files they like onto your site and make any changes that they wish to do.

If you've written the code for your own website, it is important that you are protecting every possible input (such as forms) as standard. This will prevent cross site scripting or worse, your database being hacked.

Keep your software up to date and even consider a daily site scanning utility.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to log into cPanel

There are two different methods to log into your cPanel control panel in order to manage every...

What's the difference between Aliases, Addon and Subdomains?

### Aliases An Alias domain does not have a unique website. It is a domain that is masked to...

Creating a MySql Database

If your website uses PHP or you need to hold a collection of records which need to be accessed...

Importing a MySql Database

You can import a MySQL database via phpMyAdmin which is available in the cPanel control panel....

Exporting a MySql Database

You can export a MySQL database via phpMyAdmin, available in cPanel, if you want to keep a backup...