Research

After the clean up. What to do after your site is fixed.

May 31, 2011 By

If you are reading this page then you are on your way to being proactive and actively taking steps to help reduce the risk of reinfection. While no-one can promise you the risk will ever be zero, we can work together to ensure that its as low as possible.

Will this guarantee I won’t get reinfected? Probably not, but you’ll make it so difficult that the probability of reinfection will be minimal.

1. Update your website(s)! If you are using WordPress, Joomla (or any other CMS), and it is not already using the stable current version, take a minute to update please. Why? Because out-of-date software is leading cause of infections. This includes your CMS version, plugins, themes, and any other extension type.

2. Change your FTP, SFTP (or SSH) password. Choose a good and strong password.

Password Tip: Start using a password manager: Peguta and LastPass are good ones to use (online + free).

3. Change your CPANEL / administrator password. Most people forget this, but its just as crucial a step. If you don’t have a CPANEL, we’re referring to the administrator account for your hosting provider.

4. Change your CMS administrator password. If you are using WordPress, Joomla, osCommerce or any CMS, change your administrator password. Take a minute to check and verify you know all the users in your panel.

Now is a good time to clean up accounts, so remove any users with admin access that are not necessary. This is also a good time to force password resets for all users.

Joomla users: http://docs.joomla.org/How_you_reset_an_administrator_password%3F
WordPress users: http://codex.wordpress.org/Resetting_Your_Password
Drupal users: http://drupal.org/node/44164

5. Change your database password. If you are using a CMS (WordPress, Joomla, etc…) change your database password. Please be sure to update your configuration file – Joomla: configuration.php and WordPress: wp-config.php. This is not an automated process so you will need to know how to open those files and edit manually. If you’re not familiar with handling changes in your database and configuration files, contact your host.

*If you don’t know how to change your passwords (specified above), contact your hosting company for details. You can also Google for “YOUR HOSTING COMPANY – FTP password” for instructions how to do so.

6. Run a virus scan on your personal desktop/laptop. In a lot of cases we see that websites are compromised via local environment (notebooks, desktops, etc..). Its why we always ask you take a minute to run an Anti-Virus product. If you’re OK with spending a little money, we recommend Kaspersky for Windows and MAC, and Sophos and F-Secure for Windows. You can also try Avast, MSE, Spybot that are free alternatives and very good. Here is the bottom-line, it doesn’t matter how many times your site gets cleared, if your desktop is not clean, your site can get reinfected quite easily.

7. Start doing backups of your site. After the site is clean and secure, a very good practice is to do daily backups. If you are using WordPress, check out BackupBuddy. For everyone else, a remote FTP backup service is recommended.

8. Sucuri Security WordPress Plugin.  If you’re a Sucuri customer that uses WordPress, it’s in your interest to install this tool for a number of reasons. You can read details on the preventative steps offered in the plugin here: http://sucuri.net/services/preventive. Installation is easy: http://sucuri.net/wordpress-security-plugin-installation and most importantly, it’s free to all Sucuri customers :)

9. Clean your garage. Too often the issues we see plaguing our clients are caused by “soup kitchen” servers. Old installations of their content management systems, themes or plugins. Over time these old installs become forgotten but grow ripe with malware that’s ready to infest their entire server after each clean. Take a minute to separate those things that belong on a test, staging and production server. Read more here: A Little Tale About Website Cross-Contamination.

Reading Material

Once you are done with all the steps above we recommend taking a minute (maybe more like 15 minutes) to read some of our more recent posts. These were all written with the end-user in mind and aim to help you become more proactive in protecting yourself from web-based malware.

Lockdown WordPress

4 Simple Ways to Secure (and Maintain) Your WordPress Site

Ask Sucuri: How to Stop the Hacker and ensure Your Site is Locked!!

Website Cross-Contamination: Blackhat SEO SPAM Malware

WordPress – Understanding its True Vulnerability

Brute force attacks against WordPress sites

A Little Tale About Website Cross-Contamination

Ask Sucuri: Talk More About Web-Based Malware

Ask Sucuri: Why Do I Only Get Malware Warning on Certain Browsers

Trusted Sources

We often get questions from our clients for a list of trusted sources, here are some of our friends:

1. Theme shops:

iThemes
WooThemes

2. WordPress Development / Design: 

WebDevStudios

3. WordPress Managed Hosting Providers:

WordPress Engine
WebSynthesis
ZippyKid

4. Hosting Providers:

ClickHOST

Existing Customers

If you’re already an existing Sucuri customer please log in below and visit your Sucuri Dashboard to submit an enquiry, or a malware removal request.

Posted In security Tagged

Testimonials

loading Loading

    • Let's be honest: the web can be a scary place sometimes. Having done many a WordPress malware cleanup in my day, I've found Sucuri to do a better job than I ever hoped I could do. Not only are they thorough, but they're fast as heck and affordable to boot. You don't just walk into a bad situation without some protection. Sucuri *is* that protection.

      —Andrew Norcross, Senior WordPress Developer @ BlueGlass Interactive, Owner @Reaktiv Studios, WordCamp Speaker

      Reaktiv Studios

    • We partnered with Sucuri for our WordPress migration and dehacking services as their capabilities are significantly more comprehensive than anything we’ve seen in the industry.

      —Brian Clark, CEO of Coppyblogger Media

      Websynthesis

    • I like to think I know security, but there is only one company I trust when it comes to the security of my websites, that company is Sucuri. They are, in my opinion, hands-down the leader in web-malware protection and cleanup services. Trust the experts, hire these fools!

      —Brad Williams, Co-Founder WebDevStudios, Co-Author Professional WordPress Series

      WebDevStudios

    • When you’re talking about protection for your WordPress site and the things most important to you — your content — you want to trust the experts. There’s really no better choice than the team at Sucuri.

      —Cory J. Miller – Founder / CEO of iThemes.com

      iThemes

    • Before Sucuri we didn’t know that someone was hacked until they told us. (Or actually, when Google blocked their site!) Now we find and fix problems before they even know what’s happening. It’s a Godsend, it’s as simple as possible, and it’s so affordable that quite frankly it’s irresponsible to not use them!

      —Jason Cohen, CEO of WP Engine

      WP Engine

    • As the owner of ClickHOST.com, a shared web hosting company, we are always fighting malware and spam. Recently we partnered with Sucuri and now all our accounts are monitored. I love this product! It not only protects our customers from malware, but these guys will fix a hack in 4 hours.

      —Carel Bekker, Owner/President of ClickHOST.com

      ClickHOST

    • Sucuri is my go to service for web based security and are the group that I recommend, exclusively, to my clients and readers, in particular WordPress users.  They are affordable, they work fast and they get the job done – as a bonus, they’re a fun group to work with!

      —Lisa Sabin-Wilson – Author: WordPress For Dummies; Designer, Co-Founder Allure Themes, Founder E. Webscapes

      E. Webscapes

    • Though I believe my sites are secure, it would be inexcusable for me not to use Sucuri’s service and be absolutely sure around the clock.

      —Scott Kingsley Clark, Lead Developer, Pods Framework

      Pods

Scan your website FOR FREE