Site infection – first remedial steps

Tomasz

Sometimes, when a website is not updated or plugins are used that are not up to date, the website may become infected unexpectedly through a vulnerability in one of the modules and malicious code may be injected into the website files. The page with the injected code usually redirects the user to an unknown and often dangerous website.

What to do if an infection is detected?

Changing access passwords

To begin with, we recommend a preventive change of passwords for:
-Subscriber panel
-Cpanel
-All ftp accounts

Backup

At Smarthost, customers have a backup of the last 7 days at their disposal, so if the infection is relatively recent (less than 7 days ago), we recommend that you start by restoring a backup which will most likely contain files and a database that have not yet been infected. If you are not able to determine when exactly the infection occurred then you can also try restoring the backup, as there is a chance that the infection occurred recently. Below is a link to guides to restoring a backup depending on the jetbackup software version

How to restore a backup in JetBackup 5?

How to restore a backup in JetBackup 4?

Contacting companies for website de-virusing

If the infection is detected late and you only have infected files in your backups, you will need to contact specialists for website de-virusisation. The specialists should clean the website, which will then return to full functionality. In such situations, we recommend our partners who also specialise in this type of operation:

Our partners.

How do you look after the site to reduce the risk of infection?

A helpful tool offered by Smarthost on each hosting account, is a system that detects outdated versions of components used on the site and informs customers of this in the form of the message shown below:

This type of notification helps to keep the components of your website up to date, reminds you to update and encourages you to do so. Updates go a long way to avoiding attempts to infect your website.

Tomasz
Latest posts by Tomasz (see all)