Malware infections can be complex and challenging to resolve. In some cases, it may be best to seek advice from a developer to resolve the issue and prevent future occurrences. This guide will walk you through the basic steps to clean malware from your website.
Remove Infected Files: If the files are required, replace them with clean copies. You can obtain these from any available JetBackups. We strongly recommend maintaining your own independent off-site backups too.
Update Passwords: Update all passwords, including cPanel and website admin logins.
Update CMS and Plugins: Ensure any Content Management System (CMS) you are using, including any plugins, are up to date. It's often better to completely remove and replace any plugins/extensions with a freshly downloaded clean version.
Use the Highest Version of PHP Possible: You can change the version of PHP you're using within cPanel.
These basic steps apply whether you have a static site, or are using a CMS like WordPress, Drupal, Joomla, or Magento.
More sophisticated attacks can damage your site's database. In these cases, your options would be to either have the database cleaned or restore the database from a backup. If your site is running any kind of e-commerce system or collects data from users that gets stored in the database, any data collected between the time of any backup and when you decide to restore the database will be lost. In these cases, you may decide that having your site and database professionally cleaned is a better option.
If you are not confident cleaning your site yourself, there are services available that will not only clean your site but also offer continued protection via a WordPress Application Firewall (WAF). Both Wordfence and Sucuri offer free and paid versions of their WAF plugins. They also both offer site cleaning services.
Remember, if you're unsure about something, don't hesitate to reach out to the Brixly support team. We're here to help!
