Together with the experts of the hosting company HostPro, we have created a material that will be useful to virtually everyone who deals with web resources: website owners and administrators, web developers, web designers, SEO specialists, marketers, and all Internet users.
After reading this article, you will be able to scan your website for viruses on your own, and you will also get effective tips on how to protect your resource from viruses and hacking.
A virus is essentially a malicious code that is installed on a website through security gaps. From our experience, we can say that statistically, most often viruses get to websites through the vulnerabilities of an unupdated CMS (80 percent of all cases), old versions of themes, plugins, installation of additional functions, use of themes and plugins downloaded from unreliable sources, and incorrect distribution of rights between administrators.
What can a virus infection lead to?
– Deletion of important files or changes to the database, which causes a breakdown in the website’s functionality;
– attackers gaining access to the content of your website or its complete administration – as a result, incomprehensible banners, phishing links to other websites, and redirects to third-party and not always legal resources may appear;
– slow loading of the website or even stopping its operation. This situation is usually caused by a high load on the server due to processes launched by malicious code (spamming, viruses, brute force attacks, mining, DDoS).
– theft from the database and leakage of confidential information of administrators and customers (names, emails, bank card details);
– if you do not notice the changes in time, the site may be sanctioned and lose its position in the search results or even stop being indexed and be blocked by the hosting or domain registrar.
How to check a website for viruses?
HostPro recommends several ways to check a website for viruses that do not require special technical skills and budgets.
– It is advisable to have an antivirus on your hosting. If infected files are detected, as well as programs whose structure is similar to those contained in the malware database, you will receive notifications with recommendations to your contact email.
A good scanner, such as ImunifyAV+, can even detect encrypted malicious code in files.
The Ukrainian host HostPro includes ImunifyAV+ antivirus in all hosting plans, you just need to activate it in the control panel or make a request to technical support, and it will be done for you.
– Google has a good tool for checking for infected files called Google Safe Browsing. Here you can check any website, even if you are not its administrator.
– If you are the site owner, you can simply check for notifications about dangerous content in your email or in your Google Search Console account ⇨ Security and manual measures ⇨ Security issues.
– There are also online services that can check for viruses on a website, such as Sucuri SiteCheck or VirusTotal. The method is simple and affordable, but the scan is superficial. Such tools usually do not scan the core of the site, so even simple viruses can slip through.
How do you know if your website is infected?
Here are some “symptoms” of your website being infected with malicious viruses:
– users report that they cannot access the site because it is blocked by their browsers and/or security programs;
– the website has been added to a database of malicious URLs;
– you see a significant change in traffic and/or a sharp deterioration in search engine rankings;
– the site displays errors; is slow or unavailable at all (please note that this may also be a sign that your domain or hosting has expired);
– users are redirected to another resource when they visit the site or follow internal links;
– additional content has appeared on the website: ads or pop-ups;
– virus notifications from the hosting provider;
– confidential data has been leaked from the website;
– new administrators have appeared in the admin panel to whom you did not grant access;
– the index file or other site files contain third-party code, it can be contained in the [iframe][/iframe] tags, as well as after [BODY] or [HTML].
Checklist for effective website protection against viruses and hacking
1. Install an SSL certificate on your website. Then your resource will work over a secure HTTPS connection. All information sent from your website will be encrypted, minimizing the chances of it being intercepted.
If you don’t have SSL installed on your site, users will see a notification that the connection is insecure instead of the content they need.
Some hosting companies resell SSL certificates, so you can ask your provider about the availability of this service. For example, HostPro can generate one for you and connect it to your website for free.
1. Come up with something more complicated than admin1 or QWERTY – you can use special services such as password generators. A strong password should not be related to words or dates from your biography, but should contain letters, numbers, and special characters. It’s a good habit to change your passwords every month.Also, try to ensure that each resource (e.g., website/blog/billing) and each site administrator has a unique password.
2. Restrict access to the login page for all IPs except those from which you and your colleagues work.
3. Monitor traffic from time to time, if it has dropped sharply, there is a possibility that users are being redirected from your site to another resource or that browsers or security systems simply do not allow access to your resource.Conversely, if traffic has increased, but the number of visitors and operations on the site has not changed, this is also a characteristic sign of a virus infection.4. Keep plugins, themes, and CMS systems up to date. If possible, you can enable auto-updates.
5. Do not install themes and plugins from unverified sources.Download them only from official repositories and reliable marketplaces.6. Host your website with a reliable hoster with antivirus in the tariff and DDoS protection. If you are not satisfied with the level of security on your current hosting, you can always migrate to reliable servers for free.
– Control what data users upload to your website. If customers need to upload files, specify the allowed extensions and the maximum allowable file size. Also, do not neglect scanning uploaded files as they may contain malware.- Install Git, a console utility that will track file changes in your project.If you need to “cure” the site from an infection, you can simply roll back the system in the SSH console to a clean version and deploy a database backup.
You can take a backup of your website from your hosting provider. You can also monitor it manually, but some viruses can change the date of file editing or simply hide so well that it is very difficult to find them on your own.
We advise you to choose a hoster who makes backups of all the sites on the server at least once a day, preferably for free. With HostPro, for example, you can get any archive of your site for the previous 30 days.
In conclusion.
The inability of a business to protect its website from viruses can have negative financial, reputational, and technical consequences and affect its long-term competitiveness.
There are universal recommendations that you can follow to significantly reduce the risk of viruses getting on your website, including installing an SSL certificate, periodically updating CMS, themes, and plugins (because developers eliminate vulnerabilities in each new version that existed in previous versions), and choosing a reliable hosting provider with an antivirus in the tariff.
We also recommend installing Git on your website to be able to deploy a backup of your site data in case of emergency, and to give preference to hosting providers that make automatic backups of websites every day.
If it has already happened that malicious code has been injected into your website:
1. Change the passwords for logging in.2. Temporarily restrict access and rights to files and folders.3. Scan for malware with an anti-virus scanner, view a security report in Google Search Console, or contact your host’s support team for help and follow the instructions sent to you by email.
4. Check the .htaccess file in the root folder to see if there are any redirects configured.If a redirect to a third-party site is found, delete the section starting with RewriteEngine On and save the changes.
5. Roll back the system to a clean version using Git and deploy database backups (you can take them from the hosting control panel).
Order secure hosting with SSL certificate, antivirus and DDoS protection with promo code ITTA-20.The offer is valid for all shared hosting plans until 12/31/2024.
Google Safe Browsing, Google Search Console, HostPro, SSL certificate, Sucuri SiteCheck, VirusTotal.