×

Reliable Cheap, and Affordable  Hosting Anyday, Anytime.

Support
Website

Archive

Tag: site malware removal

Fixing a Hacked Website

Waking up to find your website hacked can be terrifying. Whether you’re running a blog, e-commerce store, or business site, a breach can hurt your reputation and revenue. In this guide, we’ll walk you through a simple but comprehensive process to recover and secure your website from a hack.

Step 1: Identify the Hack

Before taking action, identify the signs of compromise:

  • Unexpected redirects

  • Defaced homepage

  • Strange popups or ads

  • Google blacklisting or warning messages

  • Login issues or unknown admin users

  • Suspicious files in your directories

Use tools like:

Step 2: Take Your Site Offline Temporarily

To prevent further damage and protect visitors:

  • Place your website in maintenance mode.

  • Or use .htaccess to restrict public access.

  • Inform your users via email or social media.

If you use Sternhost, you can activate “Site Maintenance” mode in your cPanel dashboard or use a plugin for CMS like WordPress.

Step 3: Backup Your Site (Yes, Even Now!)

Create a full backup of:

  • Files (via File Manager or FTP)

  • Database (using phpMyAdmin)

This preserves evidence and helps if you make mistakes during cleanup.

Step 4: Scan and Remove Malware

Use security plugins or services to scan your files:

  • WordPress: Wordfence, Sucuri, iThemes Security

  • cPanel: Run ImunifyAV or similar antivirus scanner

Manually check and remove:

  • Suspicious PHP files or scripts (e.g., eval, base64_decode)

  • New unknown admin users

  • Modified .htaccess or index.php

🔒 Sternhost users can request a free malware scan via support.

Step 5: Update All Passwords

Change passwords for:

  • cPanel / hosting account

  • CMS admin (WordPress, Joomla, etc.)

  • FTP / SSH / SFTP

  • MySQL database

  • Email accounts

Use strong, unique passwords for each.

Step 6: Update and Patch Everything

Outdated software is the #1 cause of hacks. Ensure:

  • CMS core, themes, plugins are updated

  • Remove unused or nulled plugins/themes

  • Update PHP version via cPanel if needed

How to update PHP in cPanel:
Go to Select PHP Version > Current Version > Choose latest stable version > Save.

Step 7: Restore from a Clean Backup (If Available)

If malware cleanup is too complex, restore a backup from a date before the hack occurred.

  • Use JetBackup in Sternhost cPanel

  • Or upload a known clean backup manually

Make sure you update all credentials after restoring.

Step 8: Submit Site for Review

If blacklisted by Google or antivirus companies:

Request a review after confirming the site is clean.

Step 9: Harden Your Website Security

Take preventive measures:

  • Install a firewall (WAF)

  • Enable 2FA for logins

  • Limit login attempts

  • Regularly scan for vulnerabilities

  • Disable XML-RPC (WordPress)

  • Secure file and directory permissions

🔐 Bonus: Sternhost users get access to SiteLock and CodeGuard for daily malware scanning and backups.

Step 10: Monitor and Stay Secure

Maintain your site security by:

  • Setting up uptime monitoring (e.g., UptimeRobot)

  • Scheduling weekly backups

  • Monitoring server logs

  • Educating team members about phishing or social engineering

Final Thoughts

No website is 100% immune, but swift action and proper security practices can save your site from long-term damage. If your site is hosted on Sternhost, reach out to our support team for priority malware cleaning and assistance.

Need help now?
📨 Contact Sternhost Support
🔧 Or check out our Security & Backup Solutions