by Mihai BobriucViews 342Updated now 1 yearPublished 18/08/2022
The following steps should be followed after a site/account has been cleared of malware to prevent re-infection.
- Update the app used on the website. Whether it is Wordpress, Joomla, Drupal or any other CMS or application, you need to update its main version, as well as the themes and extensions installed.
You may need to contact the site developer for this.Recommendation: Update the version of the site's app to the latest version available from time to time.
Change all passwords associated with the hosting account: Access panel , FTP, Email.
Change the password of the admin user for the application used
Check additional users in the app to make sure they're valid.
- Change the password of the user assigned to the database.
Achievable operation within the control panel.
Scan all workstations/devices that had access to your hosting account with an updated antivirus.
- An infected workstation could infect your web hosting account in certain situations.
Clean up the account, removing old or unnecessary files, software, email accounts, subdomains, etc.
- Old scripts tend to have vulnerabilities and can be the cause of the initial infection, even if they are not actively used on the site
- Make a full backup of your hosting account once everything has been cleaned up and start performing periodic site backups whenever you make an important change.
Keep these backups on your local harddisk.