If you realised that you side being injected with malicious code in your website’s code files or folders don’t panic. This is relative normal for shared hosting due to some websites that hosted in the same hosting server with you has a backdoor that allow hackers to inject malicious code into their websites and eventually infected your website as well. It’s hard to prevent it since we have no control on other websites but to only report to your hosting provider. This is mostly happen to opensource scripts like WordPress, Joomla, Drupal, Opencart, etc.

Below are some of the steps that you can take once you noticed that there is suspicious code files in your hosting.

  1. Inform your hosting provider immediately.
    This is very crucial as the hackers may able to inject others account and eventually plant the malicious code somewhere deep in the files and folder that are hard to trace. Hosting provide should run a full scan on their server to remove any suspicious files.
  2. Change your passwords immediately
    Change your administrator password and username. Change your cPanel password. If you have extra FTP account, change its credential too. Make sure the password is complex. Hackers may run brutal force to guess your passwords.
  3. Download a full backup of your site.
    There are two possible reasons here. First is to make sure you have a copy of it before the hackers may go through the next attack and create more damages to your site. Second, your anti virus is possible to detect any malicious code that hidden in your site. You can try Avast, MSE, Spybot, 360 Total Security that are free alternatives and very good.
  4. Run cPanal virus scan
    Most users don’t realised that there is a virus scan functions in your cPanel. Scan all the files and folders in your directories and remove any detected malicious files that are found after the scanning.
  5. Upgrade and patch all your applications
    Upgrade the open source scripts on your website to their latest versions, remove vulnerable plugins and themes.

If you are running a WordPress site, you may do the following to secure your site,

1. Update your website!

2. Change your password for all access points. This includes FTP, SFTP (or SSH), CPANEL, etc.
– For wordpress https://codex.wordpress.org/Resetting_Your_Password

3. Change your database password.

4. Run a virus scan on your personal desktop/laptop.

6. Try sucuri security wordpress plugin
https://wordpress.org/plugins/sucuri-scanner/

7. Remove all unneeded applications

8. Hardening your wordpress
https://codex.wordpress.org/Hardening_WordPress

Lastly if all the above didn’t resolve the issue. You can always contact us to resolve your issues.