After we have finished cleaning up your web site, you have to take a few steps to make sure it doesn’t get reinfected. This is very important, so try to complete them as soon as possible.
- Change your FTP (or SSH) password. Choose a strong password, and do this as soon as possible. If you have too many passwords to remember, start using a password manager from now on if possible. Peguta and LastPass are good ones to use (online + free).
- Change your administrator password. If you are using WordPress, Joomla, osCommerce or any CMS, change your administrator password. Check your admin panel for additional admin users and change their passwords as well. Now is a good time to clean up accounts, so remove any admin access that is not necessary.
- Change your database password. If you are using a CMS (WordPress, Joomla, etc.), change your database password and update your wp-config.php (or configuration.php) with the new one. This is especially important on shared hosts.
- Run a virus scan on your personal desktop/laptop. Your site was hacked, which means your computer was probably infected as well. Try Avast, MSE, or Spybot, which are free and very good. If your desktop is not clean, your site can get reinfected.
- Update your site! If you are using WordPress, Joomla (or any other web application), and it is not on the latest version already, make sure to update it as well. If you need help doing so, please contact us.
- Start doing backups of your site. After the site is clean and secure, a very good practice is to do daily backups. If you are using WordPress, you can try one of its plugins (BackupBuddy is recommended); for everyone else, a remote FTP backup service is recommended.
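
For the database password step above, one way to update the `DB_PASSWORD` entry in wp-config.php without hand-editing it. This is an added example, not Sucuri's own tooling: the sample config, the function names and the password alphabet are assumptions, and it only rewrites the file's text, so the same password still has to be set for the database user on the database server.

```python
import re
import secrets
import string

# Constructed sample wp-config.php fragment (not taken from any real site).
SAMPLE_CONFIG = """<?php
define( 'DB_NAME', 'example_db' );
define( 'DB_USER', 'example_user' );
define( 'DB_PASSWORD', 'old-pass\\'word' );
define( 'DB_HOST', 'localhost' );
"""

# Matches define('DB_PASSWORD', '...') or define("DB_PASSWORD", "..."),
# including values that contain backslash-escaped quotes.
DB_PASSWORD_RE = re.compile(
    r"""define\(\s*(['"])DB_PASSWORD\1\s*,\s*(['"])(?:\\.|(?!\2).)*\2\s*\)""",
    re.S,
)

def generate_password(length=32):
    """Random password; the alphabet (an assumption) avoids quotes and backslashes."""
    alphabet = string.ascii_letters + string.digits + "!@#%^*-_=+"
    return "".join(secrets.choice(alphabet) for _ in range(length))

def php_single_quote(value):
    """Escape a value for a PHP single-quoted string (only \\ and ' are special)."""
    return "'" + value.replace("\\", "\\\\").replace("'", "\\'") + "'"

def rotate_db_password(config_text, new_password):
    """Return wp-config.php text with the DB_PASSWORD value replaced.

    Raises ValueError unless exactly one DB_PASSWORD define is found, so a
    commented-out duplicate or an unexpected file is not silently edited.
    """
    matches = DB_PASSWORD_RE.findall(config_text)
    if len(matches) != 1:
        raise ValueError(f"expected 1 DB_PASSWORD define, found {len(matches)}")
    replacement = "define( 'DB_PASSWORD', " + php_single_quote(new_password) + " )"
    # A function replacement keeps re.sub from interpreting backslashes in the password.
    return DB_PASSWORD_RE.sub(lambda m: replacement, config_text)

if __name__ == "__main__":
    print(rotate_db_password(SAMPLE_CONFIG, generate_password()))
```
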
Let us know if you have any questions about it.
support@sucuri.net