Cybercriminals are always looking for a website with weak security to steal information and data. In case your website is not well protected, your site might fall a victim to a cyber-attack.
Hackers usually use malware because they’re malicious, dangerous and not very easy to detect. If once a website or computer gets infected by malware it can get access to critical data and destroy them.
Hackers manually install malware to gain access to sensitive information and data so that they can use it for financial gains. According to reports, on average, more than 20,000 websites are infected by malware due to exploited vulnerabilities.
If your website, whether you use it for business or personal, has been attacked with malware, immediately take steps to remove and recover your website. To help you out, we have provided instructions below, read on.
Table of Contents
How to know that your website is hacked
Below are the signs you should look out for to know whether or not your website has been hacked.
- Your account doesn’t exist, or you’re locked out of it, or your login credentials are not working.
- Your website’s content is modified or destroyed.
- Your website is displaying illegal items.
- Your website’s traffic is getting redirected to illegal and banned websites.
- There is a sudden decrease in the website’s performance and speed.
- Google and even your antivirus have blacklisted your website.
- The website is ranking or irrelevant and random keywords.
If you have found even one of the above signs, that means your website is hacked. You better proceed to the instructions to remove the virus from your website.
The steps to remove malware from your hacked website
Be it any website; you have to keep it secured. In case of terrible situations such as getting hacked, you should quickly remove the virus, malware, or threatware causing the trouble.
But before you begin the procedure, make sure that you have completely backed up your website’s data in a safe location.
1. Check and detect hidden malware
If you experience the symptoms of a website getting infected by malware, then you should directly remove it. There is a manual for detecting malware in case if the website is showing no symptoms.
To manually detect, first, you need if your website core database files have been modified. You can even deploy a File Transfer Protocol (FTP) tool to detect malware in the cores of your website’s folder. Visit https://www.goanywhere.com/managed-file-transfer/file-server/ftp-server to learn more.
2. Remove the malware infection from your website
Once you have detected the infected malware file, you need to replace it with a new file now or backed up data. In order to manually remove malware, follow the below steps.
- Using the FTP tools sign in to your website’s server.
- After that, create a list of recently modified files.
- Now, you need to replace those files with new download or backed up data.
- You can also remove any malicious code by editing it using a text editor.
And if you have found that your database tables have been infected by malware, then follow the below steps.
- First, you need to sign in to your website’s database administrator panel
- After that, you need for any malicious stuff in the database tables
- If you have found them, delete the malicious content or entries from the database tables.
3. Reinstall your website builder, plugins and theme
After you’re done with removing the malware from your website, it’s time to reinstall the latest version of your website builder, plugins and theme. Also, when you’re choosing the theme, the plugin makes sure that it gets regular updates.
Once you download the latest version of your website’s builder, reinstall it in the “default” public_html folder/subfolder. After you finish installing, don’t forget to edit the wp-config.php file, it will help to include database credentials.
You can now reinstall all your website’s plugins, themes of a fresh copy from their website builder official website or third-party site.
4. Reset every password and username
You should follow this step only after you’re done with manually removing the malware from your hacked account. If you have done that already, the first thing, you need to delete suspicious users from your website’s admin account.
After that login to your website’s account as admin and remove every current password and username.
Prevention is better than cure. So, it’s better to prevent your PC from Malware and in order to do that, you may go for Kaspersky Total Security software. It will protect your data effectively.
The problem isn’t solved yet; you must make sure that such an event doesn’t happen again to your website. You need to ensure that your website shouldn’t be compromised or hacked.
What you can do is always keep your website and its themes and plugins updated to the latest version. Also, you can make sure the website is more secure by choosing the right website host provider. You can also take advantage of purple teaming for your security.
Always make sure to backup everything and create a reliable backup strategy. This will help you in disaster scenarios.