Below are my recommendations regarding reports of your web site being hacked. Please pass this along to everyone who has been involved in uploading content to your web site.
1. Change all FTP passwords, email passwords and passwords for any administrative portion of your web site.
It is possible your password has been comprised or stolen from your computer. After changing your FTP password it is important that you do not save your password within your FTP software, web design software, or in email. In other words, write down your password on paper and do not save in your software (at least for the next couple of months).
- If possible use FTPS from now on (if possible).
- Set up SSL for any administrative pages on your web site.
A great percentage of hacked web sites are compromised due to clients not using encryption. And it is also possible your computer may have a virus which monitors keystrokes typed directly into your computer or sniffs passwords as they pass through your network or computer. Network sniffing can be avoided by using FTPS and will help prevent easy access to your passwords.
2. Run a full antivirus scan on all computers which may have either stored your FTP username/password, or are used to publish your web site files. I recommend installing these:
Excellent malware scanning software, with a free download option.
Start with Microsoft’s website for free or low cost security options.
CNET writes fairly current reviews on the latest antivirus apps. I would start here.
3. Ask your web site designer to review all web pages on server and compare them to what your web designer has on his/her computer.
Re-upload your web site from your local copy if possible. Your web host’s backup may include hacked files as well.
4. Apply the latest patches to your content management system.
A content management system, WordPress or Joomla, may have plugins or components which require updates as well. Make sure to update those as well.
Within WordPress, see Dashboard -> Updates. The “Re-install Now” option may help to clear some hacker files as well.
5. Do not use your main account password for FTP.
If your account includes a control panel which allows you to set up additional FTP accounts, set up an alternate FTP account for public_html (your web site’s home directory), and use that instead.
6. Review these web sites for tips and information:
7. Is Google blocking your web site?
*When the page loads, replace “google.com” with your domain.
8. If your site was marked as harboring malware, and you’ve since cleared out the hacked code, log into your Google Webmaster account:
Click the “Request a review” link within Google Webmaster Tools.
9. Other Services:
For Bing and Yahoo, see: http://www.bing.com/toolbox/webmaster/
Below was the old Bing and Yahoo review request form. May still be active and usable.
Then, look for these specific options, “What type of problem do you have?” -> “My site has a malware warning -> “The malware has been removed” -> and fill out the remaining information boxes as best you can. Then click the “Continue” link at bottom.
Trend Micro Internet Security has blocked my website?
If Trend Micro Internet Security lists your website as dangerous, and you know this is not the case, see http://global.sitesafety.trendmicro.com/
Norton Antivirus has blocked my website?
How to request Norton Antivirus unblock your website involves going to Norton Safe Web and submitting your site for rating or re-evaluation. See http://safeweb.norton.com/help/site_owners
AVG Antivirus has blocked my website?
How can I check whether AVG Antivirus is blocking my website? See http://www.avg.com.au/resources/web-page-scanner/
Website Warnings Wall of Shame