How to remove malware code from your website in easy steps
From my experience, malware is the most dangerous thing to happen on your website as it does not take down your website like hackers do when they deface your website to prove their point. Malware is code placed on your website which may do any of the following:
1. Send out massive amount of spam emails from your website.
2. Send out phishing emails to unsuspecting customers and plant their code on your website to get any important financial details.
3. Download scripts/files to unsuspecting customers via their browsers.
As you can see from above malware code is used to get access to a large number of visitors so they can then propagate their infestation to other computers.
This can also affect your website rankings on search engines as they block such websites and warn visitors on their search listing results page as well. See example below of one such website which got infected with malware and how Google alerts visitors about this.
If you try to click on the link of the website and try to browse to it you may get this message on your browser if you are using Firefox/Chrome.
Now how do you clean your website from malware code?
Please follow the steps below to remove malware from your website. I followed these steps while cleaning malware on some websites and 80%-90% of infected websites can be cleaned by using them. However, there could be some difference on some websites and if there is please do let me know so I can update them here.
1. First thing you should do is to contact your hosting provider and check for the last backup of your website. There may be a chance that the backup copy is clean and not affected by the malware. If the backup copy is clean then you can restore the backup and get the website up and running in the shortest time possible. If not then you will need to go through the following steps and gear yourself to put in the next couple of hours on cleaning your website.
2. Next step is to download the website to your local development server. This is a necessary but time consuming step as you don’t know the extent of the malware on your website. Some times it could only be in one file and some times the whole website may have been infected.
3. After downloading the files try and open them. If you are unable to open them or you get a “Access Denied” popup then change the extension of your script to (.txt).
4. Open the file and search for anything that is out of the ordinary in the file. If you see some type of jibberish code in the file then you can be assured that the file has been infected with malware. If your website has been developed in PHP then you should start by checking for “base64_decode”, “eval” and “iframe”.
5. After removing the malware from the file continue this process in other files as well. Be sure to remove it from all files as the malware replicates itself very quickly. You can write a simple script which can scan all files and then remove the code from all files in all directories.
Check this link out on Google to see how you can prevent malware in the first place
Hope the above helped!