It can really happen to any of us. Getting a virus on your website is not only frustrating, but it can be very costly. Prevention is always the best course of action, but sometimes it just gets past you.
Prevention starts with the basics:
- Choose a unique password & change it now and then
- Be mindful of who you share your password(s) with, and change again when they're done.
- Store your passwords safely - not in a document on your computer or in email
- Keep your computer virus-free with up-to-date anti-virus software. We use and recommend AVG Internet Security
- Keep the software on your computer(s) and device(s) up to date. Don't ignore those software update notifications.
Scan through our article, "Safeguarding Your Website from Hackers" for a quick review.
With the basics aside, if you find that your site isn't looking or behaving quite as it should, it might be a good idea for a virus scan. If you're part of our hosting, we offer free monthly malware scanning and remediation using ImunifyAV. In addition to that, you can scan your website using the quick little built-in scanner right in cPanel (not as powerful as ImunifyAV but it does catch a few viruses and trojans):
First, log in to your cPanel (yoursite.com/cpanel).
Use the search to quickly find and select Virus Scanner under the Advanced section.
On the Virus Scanner page, select Scan Entire Home Directory then click Scan Now.
Your results show within a few minutes. As it scans you'll see the progress bar and the file/directory being scanned.
When complete, hopefully, you'll see a pop-up message like this, replaced with your domain name:
If the scan does find a virus, you'll see them in an Infected Files box. From there, you'll have the option to Ignore, Quarantine, or Remove. If you're not sure, go ahead and quarantine, then contact support for further instruction right away.
While some viruses can be easily managed, others cannot. After a virus has been detected, getting it removed is your first order of business. There are services that can do this for you, like Sucuri. If you have site backup, you could also restore it to a point when you know it wasn't infected.
After you're sure you're free and clear of the infected files, change your cPanel password! (That last bit just really can't be stressed enough. Please, please, please change your password.)