Infected Website? Please share this with anyone you know who has been hacked recently.
I offer free phone support as well, so if you’re finding this confusing, feel free to call me at (619) 479-6637.
“My Website has been Hacked. How do I fix it or repair my WordPress Blog?”
1. To start, change all FTP, email, and administrative passwords for your website.
It’s possible that your password has been compromised or stolen from your computer. After changing your FTP password, make sure not to save it in your FTP software, web design software, or email.
In other words, write down your password on paper and don’t save it in any software for a few months.
Many hacked websites are the result of clients not using encryption. It’s also possible that your computer may have a virus that monitors keystrokes typed directly into it or sniffs passwords as they pass through your network or computer. Network sniffing can be prevented by using FTPS, which will help prevent easy access to your passwords.
Use FTPS or SFTP when uploading files to a web host server, if possible. Also, make sure you have an SSL certificate for your domain name and connect using SSL (https://). If your site runs on WordPress, check out this article: How do I prepare my WordPress blog for an SSL certificate?
2. Run a full antivirus scan on all computers that may have stored your FTP username/password or are used to publish your website files.
The following links are often recommended for antivirus scanning on a PC:
Excellent malware scanning software with a free download option.
Start with Microsoft’s website for free or low-cost security options.
Check is long list for Windows Apps for Internet Security.
3. Ask your web site designer to review all web pages on server and compare them to what your web designer has on his/her computer.
Re-upload your web site from your local copy if possible (since your web host’s backup may include hacked files as well).
HackGuard.com – If you are running a WordPress website, need someone to help manage the security of your blog, and can afford 30ish cents a day, then see HackGuard for more details.
4. Apply the latest patches to your content management system.
A content management system, like WordPress or Joomla, may have plugins or components which require periodic updates. Make sure to check and maintain the latest versions of plugins and components on “a monthly” basis.
For WordPress, see Dashboard -> Updates. The “Re-install Now” option may help to overwrite some hacker files as well.
5. Do not use your main account password for FTP.
If your account includes a control panel which allows you to set up additional FTP accounts, set up an alternate FTP account for public_html (your web site’s home directory), and use that instead.
6. Review these web sites for tips and information:
7. Is Google blocking your web site?
Google Safe Browsing Diagnostics – *When the page loads, replace “google.com” with your domain.
8. If your site was marked as harboring malware, and you’ve since cleared out the hacked code, log into your Google Webmaster account:
Click the “Request a review” link within Google Webmaster Tools.
9. Other Services:
For Bing and Yahoo, see: http://www.bing.com/toolbox/webmaster/
Below was the old Bing and Yahoo review request form. May still be active and usable.
Then, look for these specific options, “What type of problem do you have?” -> “My site has a malware warning -> “The malware has been removed” -> and fill out the remaining information boxes as best you can. Then click the “Continue” link at bottom.
Trend Micro Internet Security has blocked my website?
If Trend Micro Internet Security lists your website as dangerous, and you know this is not the case, see http://global.sitesafety.trendmicro.com/
Norton Antivirus has blocked my website?
How to request Norton Antivirus unblock your website involves going to Norton Safe Web and submitting your site for rating or re-evaluation. See http://safeweb.norton.com/help/site_owners
AVG Antivirus has blocked my website?
How can I check whether AVG Antivirus is blocking my website? See http://www.avg.com.au/resources/web-page-scanner/
Website Warnings Wall of Shame