Virus attack on website

Several pages on my site have been infected by a virus. Any suggestions about to deal with this?

What’s telling you that you’re site has been infected?

Who’s the hosting company and what do they say?

If it’s not obvious, change every single login password to every part of the hosting account (ftp, control panel, etc).

Not knowing what exactly is on the site, like CMS or MySQL or what else it’s hard to say exactly how you would have gotten infected.

Safest way would be to delete and republish all the files on the server.

Make sure you use SFTP not FTP as the publishing protocol.

Regular FTP sends your login credentials including password in the clear.

My hosts advised me yesterday that a security scan revealed suspect files. My site,, and associated email were suspended. Am about to reload as you suggest.

If you’re not using any CMS or don’t have any mySQL databases it should be pretty straight forward.

I’d delete everything from the root level (directory you download into) and below. If you look with the host file manager or an FTP app it should be blank.

With the new login credentials setup the publishing using SFTP.
Republish all files.
Once you’ve got the site backup and running, I’d ask the host to rescan the site. It could be something on one of your pages or resources that’s setting off the alert. If so you’ll need more information from the host company on specifics of what the alert is about.

Many thanks. Will do.

Don’t forget to change your password as well.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.