How to deal with a hacked website

This support article has been written to provide you with information on how to clean your hacked websites without needing to call us. Website hacks can occur in a variety of ways, so it is impossible for us to provide you steps that are guaranteed to clean every possible website hack, but these methods should help clean up most of them. Below is general information that can assist you when dealing with your website after it has been hacked, including the steps you should take to clean up your website:

  1. Scan your computer for malware
  2. Rotate passwords
  3. Scan website files for malware
  4. Check website for suspicious files
  5. Remove any injected code and malicious files
  6. If the above steps have not helped, you may try to restore your account from a backup you've taken prior to being hacked . This however does not secure your website, it just cleans it up temporarily
  7. Take steps to prevent your website from getting hacked in the future
  8. Ask us for assistance if required

Scan your website files for malware

Malware scanners are not guaranteed to locate every hacked file in an account, however scanning your files for malware is useful in cleaning up your website. If you have a cPanel Hosting subscription, you should use the Virus Scanner available within cPanel to scan your account for malware.

  1. Log into cPanel
  2. Click the Virus Scanner icon
  3. Select the Scan Entire Home Directory radio option
  4. Click [Scan Now]

If you have a Cloud Hosting subscription, you will need to download your files to your computer and use a local malware scanner to identify and clean hacked files.

Check website for suspicious files

If you have been emailed by us to tell you that your website has been hacked, our email may include a list of files that we believe are suspicious. These files are a good place to start when cleaning your website. Using a File Manager or FTP client, review the files and directories that make up your website for any suspicious file names or recently updated files which may have some injected/modified code. Delete any files which are not required to run your website and remove any code which might have been injected into files that are essential to running your website.

Ask us for assistance if required

Our technical support staff are not able to clean your hacked website for you. However, depending on the type of hack that has occurred on your website, they may be able to provide you limited assistance or point you in the right direction in terms of getting your website back up and running. Alternatively, we have a website security team who provide website clean up services as well as ongoing website monitoring services. For more information about the services that our website security team provide, see our Website Security page.

Additional information regarding website hacking may be found in these documents below: