Website Security

If your site is infected with malware, you’ll want it cleaned, and fast. Website Security Express is a malware cleanup service that removes most malware infections from your domain or website automatically within hours. This includes pharmaceutical hacks, redirect hacks, backdoor file hacks, Trojan viruses, and many more.

Note: Blacklist removal can take longer than malware removal, due to processing time. Google, for example, can take up to 24 hrs to review and delist a domain.

Website Security Express includes the following:

• Starts scanning your site immediately after setup
• Most sites are cleaned within 2-4 hours
• No website size limitations
• Email notification upon scan completion
• Provides you with all the benefits of Website Security Deluxe throughout the following year

A hacked website is really frustrating – it’s troublesome for your business and visitors, and removing a hack can be time-consuming. Let’s go through the fastest and easiest way to fix your website.

Let’s check for warnings

If you’ve seen “This site contains malware” or “The site ahead contains harmful programs” in connection with your site, there’s definitely a problem. To check further, go to https://sitecheck.sucuri.net and enter your domain name.

• If your website’s been hacked, you’ll see a warning here.
• No warning? It’s less likely (but still possible) that your website has been compromised.

Change your passwords

If your site’s been hacked, you need to immediately change all your passwords.

Restore from backup

If you have a backup of your website (and database) that you know wasn’t corrupted, you should re-upload it to your hosting account.

Remove the hack

It’s nearly impossible for anyone to reliably remove malware from a website by hand. To remove the compromise from your files, we recommend using an application like Express Malware Removal. Using its automatic malware scan technology, it will not only find any compromises in your files, it also removes them.

Identify & fix the weakness

To prevent your site from getting hacked again, you should identify how your site was compromised. There are two types of weaknesses: passwords and structural problems.

Passwords

Most hacks happen because the attacker was able to guess your account’s password by brute force. By simply changing your password (and using a stronger one this time), you can prevent these attacks from succeeding in the future.

Structural

These types of weaknesses require thorough testing to identify. There’s a lot of security software that can perform these types of scans but, again, we recommend Express Malware Scanner. It can identify a number of different issues, as well as help you fix them.

If Website Security detects compromises or vulnerabilities, it will email you that there’s a problem. You’ll then need to submit a malware removal request.

• Go to your product page.
• Under Website Security and Backups, select Manage next to the Website Security account you want to clean up.
• Select Cleanup Now.
• Select your domain name, the issue you’re having, and then select Submit Request.
• The request form may ask you to add your Connection Type. The Website Security team uses this information to access your files and clean them. Since most hosts use FTP, enter your FTP information including FTP host, port, username, and password.
  • cPanel customers: Find my FTP username for Linux Hosting
  • Plesk customers: Find your FTP login or username for Plesk hosting
  • Managed WordPress/ Professional Web Services (PWS) customers: use SFTP instead. See Upload files with SFTP and use steps 1-5 to find your SFTP information.
• Select Submit Request. The Website Security team may contact you for additional information if needed.

You’ll be emailed when the malware removal is complete.

Note: If your site is hosted with us, an FTP user is created within your hosting beginning with “SEC_”. Don’t remove this user as it’s how Website Security accesses your files to clean them. Once the malware removal is complete, the user is automatically deleted.

Add a Trust Seal to the website you’re monitoring with Website Security.

• Go to your product page.
• Under Website Security and Backups, select Manage next to the Website Security account you want to manage.
• Select Settings.
• Select Trust Seals.
• Select the Enable Trust Seals check box.
• Choose your preferred color and style, and then select Generate Code.
  • Choose a Color: Select black background with white text or white background with black text.
  • Choose a Style: Select where on the page you want the seal to appear. Relative will be centered.

You can now copy the code to add it in your website’s source code for all pages where you want the Trust Seal displayed. It’s recommended that you add the code before the closing body tag in your footer template file.