How do you clean a virus off of your own website? Here are the steps to take to remove malware from your web server and to prevent it from getting reinfected
Ever had a virus on your home or work computer? Your web server is no different. It too can be infected with a virus. However, when a website is infected with malware, it’s not a headache for just the webmaster. Malicious code on a website attempts to infect the computers of that site’s visitors, too.
Identifying a Website Infection
Unfortunately, the first person to view an infected page is probably out of luck. The malware will download itself onto their computer and infect their system. However, at that point, it becomes easily visible as it manifests itself as pop-up ads or spam being sent from their computer. Services like Norton Security and Google can cross-reference reports of the malware infection and identify which website the code originated from. They add this data to their already massive directory of infected sites so that the next web surfer who visits that site will be warned by Google, their browser, and possibly their antivirus software. People will begin to avoid that site and the virus will cease to spread.
While the effective quarantine of websites helps prevent the spread of malware, it can hurt the businesses whose websites are infected in lost traffic and reputation. So how do you tell if your own website is infected? The first clue is often a steep drop-off in traffic. Regularly monitoring your website’s traffic is key in catching the problem early.
There are over 1 million new strains of malware created every day. One identified infection can get your website blacklisted by Google, which currently blacklists over 10,000 websites each day. Mind you, the malware need not even be on your site.
1. Plugging the Holes
Don’t allow your business to suffer expensive cyberattack damages which average around $40,000 per attack. Alternatively, be proactive in your web security efforts to prevent security threats, protecting you and your customer’s private data. Here are some tips to help you protect your website from malware and other cyber threats:
Once your website has been infected by malware you may ask “How do I fix this!?” or “What can I do!?” but the better question is “How did this happen?” Treating the symptoms and removing the malware is useless if you leave yourself open to reinfection.
The initial place to look when your website is infected is right at yourself. The simple way hackers reach a website is by infecting the webmaster’s computer and watching for the web server’s password. Check your own computer thoroughly with antivirus and malware programs such as Malwarebytes. Remove any malicious programs and change any passwords you use to access your website. While this can be a painstaking process it is absolutely necessary to be sure that your website will remain safe in the future.
The second place to look is your web server. If your site is hosted on a shared server, the malware may have jumped from another infected site onto yours. If you think this is the case you will need to contact your hosting company and have them remove the malware from the infected machine.
2. Cleaning Up After a Malware Infection
Once the holes in your system have been identified and patched it’s time to fight back. If at all possible, take down the infected website. Leaving it up while it’s infected can hurt your public image by giving you a reputation for poor security and viral content. If you have a backup prior to the date your site was infected, fixing the problem will be as simple as relaunching that version of your site. If your website has changed significantly since the last backup or if a backup is unavailable, then it’s time to seek professional help. In order to purge your site of malware, an expert must read through your site’s code and selectively remove the lines of malware that have been injected amongst the legitimate content.
Having your website infected with malware is a frustrating experience but it doesn’t mean the end of your internet presence. Watch your logs for tell-tale traffic patterns of infection and act quickly to protect your visitors to minimize damage and get your site back up. With a little luck and some vigilance, it should be smooth sailing from here on out.
3. Updates and Patches
Is your website running off of a Content Management System (CMS) such as WordPress? A CMS can be an easy and cost-effective way to manage your business’ website, but they’re also large targets for cyber attacks.
Why? Many CMS platforms and plugins are often easy targets for hackers and allow backdoor access to your server and data (a recent example of this vulnerability was the SoakSoak attack that occurred last month). Make sure your system, plugins, and themes are always up to date, strengthening your web security. Many CMS solutions will even automatically update files for you if you choose.
4. Website Scanning
Many web viruses and other malware go unnoticed until it’s too late, due to their elusive nature. They can often be implemented with a simple one-line script, injected into the code of your website – made to look like normal code.
Website security scanning software can scan your website for existing malware and other harmful code that doesn’t belong, and notify you immediately of any threats.
5. Web Application Firewalls
Removing existing website threats is one issue, but keeping them from coming back is another. With over 1 million new malware strains created each week, your business’s website can potentially be infected by a new virus every day.
Web Application Firewalls (WAF) can help prevent attackers from even visiting your site. How do they work? Let’s take our TrueShield WAF, for instance – it evaluates traffic based on where it’s coming from, how it’s behaving, and what information it’s requesting. Based on these and other criteria, the firewall will allow “legitimate” traffic (e.g. customers and search engines) access while blocking “malicious” traffic (e.g. spam bots and hackers).
Used in conjunction with a website scanning solution, a WAF can help provide around-the-clock, hands-free security for your business’s website.
6. PCI Compliance
The Payment Card Industry Data Security Standard (PCI DSS), or PCI for short, is a security standard that businesses must adhere to if they accept major credit cards. This compliance helps ensure that your business and customers are protected from cyber-attacks and fraud by providing a documented, baseline security posture for your site. Failure to comply with PCI standards can result in direct financial damages, lawsuits, government fines, and ultimately ruin brand reputation in the event of a data breach.
Fortunately, it’s not difficult to become PCI compliant. There are many solutions that walk you through the steps to help create your own customized PCI policy. Our SiteLock® PCI Compliance program takes it even a step further by scanning your site and network, and you can also add on our PCI-certified TrueShield firewall.
7. Strengthen Passwords
Even now the world is still using weak passwords. A strong password is one that contains over 8 characters, no dictionary words, has a mixture of uppercase and lowercase letters, and includes digits and/or special characters. Unfortunately, many of those boxes aren’t checked – allowing brute-force hacking techniques (repeated attempts to log in to your website) to become effective.
It’s extremely important that you create a strong password for your website’s back end since it can oftentimes be an easy way into your private data. You should also advise your customers who have online accounts to do the same, to help protect them from future attacks. After all, it only takes seconds for a computer to crack a poorly created password.
If you would like assistance with removing a virus or any other digital solutions talk to the team at Liberty Digital today.