The infected resource sends spam, damages your customers’ computers, spoils search engine results. Are there viruses on your website? How to find and cure them? You have to take care of the website’s security if you do not want to lose customers, position, and reputation.
Don’t know what to do and how to do it? This article will remove all questions and help to understand the diagnosis, treatment, and prevention of infection.
How to understand that the website infected
The most popular markers that something is wrong with the website:
- the resource blocked by an antivirus or Internet browser;
- there have been dramatic changes in the statistical parameters of the server or search engine indexing;
- the website is on a blacklist by Google or otherwise based on unwanted addresses;
- the website does not work correctly, errors and warnings are issued;
- there is suspicious text in the website code.
However, you should check your website in any case, even if you have not noticed any of the above. You can feel at ease when the suspicion of viruses on the website is not confirmed. Although no, only after you take preventive measures.
The most common sources or causes of infection
There aren’t many primary reasons and factors why your website can pick up a virus and then spread it on the Internet. The following is a list of the most common.
- use of virus software to steal credentials, access from FTP, hosting, or website control panel;
- vulnerable components in popular CMS platforms, such as Joomla, WordPress, Bitrix, osCommerce;
- brute force – password hacking bust.
The website can be infected both through your fault and through the efforts of outside “benefactors”. It is time to consider, perhaps most importantly – the identification of the problem and its elimination.
What and why to check, and how to treat
There are several approaches to identifying the cause of the problem and also some tips for treating it. As in other areas, no 100% guarantee checking in one way will help solve all the shoals. We recommend using different methods for reliability.
- Automatic virus scanning by hosting. Of course, these modules are not a panacea, but they will detect the infection and indicate the problem files in most cases.
- It is testing through the Ai-bolit program from revisium.com. The most modern of all existing programs at the moment. It allows you to find up to 90% of problems. And there already upon detection it is possible to select also a method of correction.
- If in the website code you notice any suspicious foreign characters, pieces of code, you can use special PHP scripts. They will help you find the files that contain this mask. But this method requires some knowledge in the field of programming and the file structure of the website. After detection, it is necessary to carry out the cleaning of files of the found garbage.
- It is also helpful to check the downloaded copy of the website on your computer using an antivirus designed for the local computer. Modern antiviruses have an advanced heuristic module that allows you to detect malicious code that affects websites quickly. The most popular at the moment – rescan.pro.
- Periodically check the pages of your website in the search engine index, and on the snippets, look at the issue (for a large website). If the website is small (up to 50 pages), you can view each page in a saved copy. We also recommend that you periodically check the .htaccess file for third-party code that sends users and robots to different types of content (cloaking). In this case, check the correct response of the page server. If necessary, eliminate the problem that results in an incorrect answer. You should add rules to robots.txt to close unnecessary pages from indexing if hacking has occurred.
- It is important to check the composition of users who register on the website. First of all, we review those who have the right to edit the website. If third-party users remove them, disable editing rights, and search for vulnerabilities to determine how this user adds.
Once you have checked the website, found the problems, and fixed them, you need to change the passwords for all accounts (hosting control panels and CMS, FTP, SSH).
How to protect the website?
It is better to prevent infection than to treat it later and correct the consequences. Therefore, we strongly recommend that you follow the following safety rules.
- Make backup copies of the website. When running the stage of infection, non-virus-infected files can only be in earlier versions.
- Use crypto-strong passwords. It is desirable to update them monthly.
- Install the latest software versions, update them regularly. Install all the necessary patches promptly. You will help reduce the risk of attacks using exploits.
- It will not be superfluous to install plug-ins or components with protective properties. For example, those that change admin addresses or block the IP of pests that try to pick up a pair. You can add dual authorization using * .htaccess files by disabling the standard password recovery module.
- Set up automatic hosting verification of your website.
- Install a reliable antivirus on all computers from which you work with the website.
- Do not send passwords and do not allow all employees who work with the website any communication channels. Change the password regularly from the mail to which your website is linked.
- Increase security with special rules in the * .htaccess file. For example, disable PHP in folders downloaded by the user through the website, close the download of executable files.
- Additionally, you can restrict your website to only countries with your audience.
- If you do not use SSH, it is better to turn it off altogether.
Unfortunately, there is no such pill that will save you from infection once and for all. Cybercriminals do not sit still and invent new ways, find new holes, write new viruses. However, everyone can increase the reliability of their website by following the basic security rules, maintaining the cleanliness of the website and computer.
Is your website already infected, and you can’t find the cause or don’t know how to fix it? Or do you want to check the resource and make sure that everything is in order with it? Just leave a request for verification. We will be happy to help.