An infected website can be a real pain in the back, especially if you don’t know it is infected. Those websites might seem normal to a naked eye but there can be a lot of (bad) stuff going on under the hood. Needless to say, an infected website is bad for your online image, and it gets worse if it’s a business page generating substantial part of your company’s income.
How do I find out my website is infected?
Well, the best thing to do is to prevent such a situation altogether. But if you think your website is infected, there are two quick ways to confirm your suspicion:
- If your web browser displays a warning that it is not safe to display the website
- If Google marks that website as potentially harmful to your computer
- If you run your website using a CMS (WordPress, Joomla, etc.), install a security plugin and run a scan. It should give you an idea about the state of your website in detail.
Another sign of an infected website can be an enormous number of non-delivery reports coming to your mailbox as your website sends out huge amount of spam messages to non-existent email addresses.
Also, a good web host is able to detect your website is infected. They will get in touch. In most cases they’ll send you a copy of your website, and remove your page from their servers to prevent further spreading. Only after you’ve cleaned up your website you send it back to your web hosting provider. They will examine those files and if all is ok they will re-enable your website again.
Note: I will not remove your website. Instead, we will try to contain the infected files. If they are common files used by your content management system, they will be replaced with clean copy without you even knowing. A backup will always be created before the files are replaced.
Ok, my website is infected. What do I do now?
Contact your web designer. They should be able to help you as they know your website inside out.
If you built your website yourself then the first thing to do is to try and replace the infected files with a clean copy.
This is very easy if you use content management system such as WordPress, Drupal, etc. You can download fresh copies of the files on the CMS download websites, and then upload them to your web space using any kind of FTP software.
If the files infected are those of your custom theme (or created from scratch based on your specs) it gets a little tricky, especially if you have no clue about what HTML/PHP/CSS are. The recommended course of action is to find someone who actually understands those things. You’ll save time (a lot of pain killers for your headaches), and —in the long run— a lot of cash as well.