If you suspect that the site has been hacked and you want to check it, you can do it easily in your cPanel. Adriahost regularly scans your account and you can review the list of harmful files (if any) and act accordingly.
You can see the list of all malicious files as follows:
1. Login to your cPanel
2. In the search box, in cPanel, type imunifyav
3. Open the application ImunifyAV and wait (5-10 sec) for the list of potentially harmful files to be generated
This list contains all potentially harmful files that should be scanned.
Your reaction needs to be timely to prevent damage to the site and emails.
Solutions to clean up an infected site
Solution 1: The review and cleaning of the site can be done by the developer or a person who maintains your site and is familiar with the operation of the siteili
Solution 2: Site review and cleaning can be done by us. We would provide you with a suitable quote for cleaning the site.
Site cleanup suggestion by your developer
Here are some general steps to clean up a site, while your developer will do it this way or differently depending on how he works:
- Browse all the files and folders you have on your hosting
- View and delete the files that you did not place on the hosting in the folder where the site is located
- You can clean the files that are needed for the site to work by deleting only the harmful part of the code from the file or replace that file with a file from a clean installation
- If you use a CMS system (WordPress, Joomla, Drupal...) after cleaning, update all elements (CMS, themes, plugins)
- In agreement with your developer, investigate in detail how harmful files could get to the site (through a theme, plugin or other script)
- There is a possibility that the problem is the transfer of your computer to the site, so scan your computer in detail
- Finally, do a password reset for your cPanel, for FTP accounts, for the site control panel, for the email address where you get all the passwords
Useful questions and answers:
1. How secure is the server where your account is located?
- The server where your account is located is protected by modern protection measures that are created as a result of monitoring hacker trends and the inclusion of appropriate counter-measures. These measures are restrictive to the point of blocking regular traffic. Any increase in these measures would lead to the blocking of regular traffic and visitors who try to get to the site. Therefore, hacking the site is only possible through a security flaw in the site, so read the next question that talks about it.
2. How websites get hacked?
- According to the previous answer, hacking can happen through a security flaw on the site where the site contains a flaw in its scripts that allows a masked malicious query to infiltrate the site and do damage or abuse the site for other harmful actions. Failure in more than 90% of hacked sites occurs when the site contains an already bad script or due to lack of site maintenance.
3. How can e-mails be compromised through the site?
- A site that has a security flaw allows malicious activity and the intrusion of malicious scripts into the site. When the site enables it, the malicious scripts can spread to the folder where the scripts that enable the work of emails are located. If that happens, there will be problems with emails.
