What to Do After Cleaning Malware From Your Website
If your website has been compromised and malware has been successfully removed, congratulations on restoring its security. However, additional steps are required to prevent future infections. Please note that free cleanups cannot be guaranteed in case of re-infection if the following steps are not completed. This guide outlines the key actions to take after malware removal to keep your website safe.
Change all passwords
After cleaning your website, it’s essential to update all passwords associated with your hosting account to prevent unauthorized access. Please change your:
- cPanel password
- FTP/SFTP password
- Database user password
- Email account passwords
- CMS admin dashboard password (e.g., WordPress, Joomla, Drupal)
Here are some useful resources for resetting your CMS password:
If you’re using another CMS, please refer to its official documentation for password reset instructions.
Verify your website’s files and code
Even after malware cleanup, hidden backdoors or malicious code may remain. To ensure your website is completely safe:
- Scan for hidden files: Check for unusual or disguised files and directories.
- Review your code: Look for unfamiliar scripts, injected code, or unexpected changes.
- Update your software: Make sure your CMS, plugins, and themes are fully updated with the latest security patches.
- Scan your local computer: Run a full antivirus scan on all workstations that accessed your hosting account. A compromised device can reintroduce malware.
Tip: For added protection, consider using WHC’s SiteSafe Protection service. It safeguards your website through automated scans and expert interventions. Once purchased, you can request a full website scan, and our security team will take care of the rest.
Clean up your Google Search Console and webmaster tools
If your website was flagged or blacklisted for malware, you need to request a review from Google after the cleanup:
- Go to Google Search Console and submit a Request for Review.
- Google will re-evaluate your site and remove any security warnings if it’s now safe.
- If you use other webmaster tools (like Bing Webmaster Tools), do the same by submitting your site for re-evaluation.
If you’re unsure how to proceed, contact your web developer or a security professional for assistance.
Update your security measures
Enhancing your website’s security will help prevent future attacks. Here’s what you can do:
- Install a security plugin for your CMS.
- Enable Two-Factor Authentication (2FA) for both your CMS admin panel and cPanel account. (Refer to your CMS documentation if needed.)
- Review file and directory permissions (recommended: 644 for files, 755 for directories).
- Make sure your site has an active SSL Certificate (HTTPS) for encrypted connections.
- Add a CAPTCHA to your contact form to reduce spam submissions. (Your web developer can help, or you can opt for our Pro Service.)
Additional security recommendations
- Regular backups: Schedule automatic off-site backups of your website and databases to ensure quick recovery if an issue occurs.
- Implement a Web Application Firewall (WAF): Use a WAF to filter and monitor traffic, protecting against threats such as SQL injection and XSS.
- Limit admin access: Restrict access to trusted IPs and review user roles to ensure only authorized individuals have administrative privileges.
- Monitor file integrity: Regularly verify the integrity of your core website files to detect any unauthorized changes or additions.
- Use secure connections: Always connect via SFTP instead of FTP to encrypt your data during transfers.
Tip: For complete peace of mind, schedule regular security audits and monitor your site’s uptime and performance. WHC’s SiteSafe Protection can help automate these processes.
If you need any further assistance or encounter any issues, our support team is available 24/7. Don’t hesitate to reach out via email, live chat, or phone — we’ll be happy to help. You can also open a support request.
