WordPress Website Owners, what stresses you out the most?
The most common answer: “Our Websites Shutting Down.”
Why is my Website Suspended?
When you contact your web host, HostGator will inform you that your website is found to have malware. You might be shocked, but Web hosts like HostGator carry out routine checks on accounts to make sure they have not been hacked. They suspend accounts to protect their servers and customers from spam or other malicious interactions. This article will show you the step-by-step process to get your account reinstated if this happens to you.
This is a sample email that you will receive from HostGator:
This is the most important part of the email.
Our Abuse department has received a report regarding malware being hosted on an account under your control. We have disabled site access for your account to prevent further complaints and have provided a list of the reported content. Note that the below content is not a comprehensive list of malicious content on this account. We strongly recommend that you address the entire account to avoid further issues. In order to remove the restrictions we’ve placed, you must resolve the security issue and remove what malicious content was listed. Please note that repeated reports of malicious content on your account within 60 days of an initial notice will lead to further action being taken, including permanent suspension after failing to professionally clean the account. Once you have taken steps to secure your account of the reported content, please reply back to this ticket to request review.
You will note that if HostGator finds malware on your site again even after 60 days, you will be permanently suspended, which is an unfortunate loss of money.
Here is an email which goes into the details of what is happening on your website.
What if Google Blacklisted my website?
If you see Google’s “Reported Attack Site!” warning on your website, read the following article to learn how to clean the site and remove the warning: Remove Google Blacklist Warning
Why was my website Hacked?
WordPress is a great CMS for website owners. In fact, around 30% of the internet runs solely on WordPress. However, as with any service, platform, or software, using WordPress comes with its share of vulnerabilities. While the community and developers themselves are very helpful, the open source system itself is a double-edged sword.
Malware exists in different forms, and hackers find new ways to inject malware into websites every other day. Some of the most common WordPress malware infections are:
Backdoor is a type of malware that is extremely difficult to find, especially for low grade scanners. Using a backdoor hackers can access your website and re-inject malware even after repeated cleaning.
2. Drive-by downloads
Your website visitors can be victims of a drive-by download attack when they download malware unintentionally within some documents from your website into their device.
3. Pharma hacks
Pharma attacks are extremely hard to find, and advertise illegal products like Viagra, Nexium, Cialis, on your site. Pharma hack has devastating effects on a website.
4. File Inclusion and Arbitrary Code Execution
When PHP scripts within the uploads folder are modified and executed to serve hackers’ means, it is a file inclusion attack. Simply put, Arbitrary Code Execution is when a hacker can execute any command they want to, on your site.
Phishing is a hacking attempt to gain sensitive information such as usernames, passwords, and credit card details (and money) for the hacker’s own interests.
6. SQL Injections
Malware that modifies and targets your website database specifically is known that SQL Injection. It will alter the contents of your website tables.
If that scared you a little bit, you’re not alone. Compromises can lead to identity theft, lost data, or a damaged website. When you take into account the number of visitors lost, revenue and brand damage involved, the negatives just keep piling up. Web hosts in fact, are looking out to protect their own reputation as well.
What are my options when my website is Infected?
All hope is not lost. Let us explore your options.
1. Restart, build a new website
This is probably the most terrible option of the three that we are going to tell you. No one wants to start from scratch knowing all that they have created until now, is gone forever. However, many WordPress website owners, not knowing any better do just that. That also means that this is the option that should not really be considered.
2. Restore website
You can use your website backups to restore your website to the way it was before it was hacked. Note that you need to know the exact timeline of the hack to restore the correct backup version. This is the easiest way out of a web host suspension but you can consider this option only if you have backups in the first place. (Which you should!)
3. Clean website
Once you remove malware from your site, you can easily rollback to the clean version of your site. You can remove malware on your website either manually or with the help of security plugins like MalCare WordPress Security Service.
How can I Identify and Remove malware?
To identify infected files or directories keep a look out for:
- Strangely named files or directories (i.e: xf8c3l.php or /home/username/public_html/strangename).
- PHP files located in image folders.
- Base64 or other encrypted injections inside of site files which can be removed using file editors.
However, as we have previously mentioned, identifying all the malware on your site is tricky. Malware like Backdoor and File Inclusion is particularly is difficult even for the most skilled security technicians. So be careful even when you are deleting infected files, just in case you remove crucial website files by mistake.
How do I get my Website Unsuspended?
Now that you are sure your website is completely cleaned (Doesn’t hurt to check once again!), contact HostGator and let them know that you have removed the malware from your site. They will help you get your website back online.
MalCare Complete WordPress Security
An alternative to the often messy manual malware detection and removal is using MalCare. MalCare automatically tracks and pinpoints the exact location of malware so that you can remove it with a click of a button. This revolutionary all-in-one Security solution can help you. easily handle Malware Deep Scanning, One-Click Cleaning, Complete Firewall and Login Protection.