Websites could get damaged for a whole lot of reasons. They could get infected with malware, code changes, user error, server configuration modifications etc. Very often, website owners tend to overlook that websites will get hacked if they are not properly maintained and secured. You should be aware of the fact that website hacked issues could occur if they are not kept up to date with consistent website maintenance.

The following tasks should be performed to fix websites:

  • Check your local computer for viruses
  • Change passwords
  • Assess damage
  • Restore your backup
  • Update plugins and themes
  • Remove your website from blacklists
How to Fix Websites

Checking your computer for viruses

Before you begin repairing your website, you will first have to eradicate the possibility that your computer was the origin of the attack. To do this, first check your local computer for viruses and/or infections with malware. You can use Comodo cWatch Web that has a built-in Vulnerability Scanner.

Changing passwords

Ensure that the hacker can no longer access your website or database. SFTP password SSH password, and Database password should be changed. The passwords should be rest for all users as the hacker could have created new users. Carefully check the user account administration for your website and remove any suspicious users.

Assessing damage

Now you will have to examine the situation and plan how to handle it. Some vital questions that you will need answers to are as follows:

  • Did the attacker have access to your website?
  • Which files are affected?
  • Is sensitive data affected? Who needs to be informed?
  • Did the attacker have access to your database?
  • Is just one website affected, or are multiple websites on your webspace affected?

Checking for malware and restoring your backup

Replace all the infected files with files from a backup that has not been affected.

Updating applications, plugins, themes, and extensions

You must update all plugins, extensions, applications, and themes as soon as you have restored your backup in order to close known security holes. Hackers frequently use security holes in themes, and plugins. Hence, it is essential for you to update all extensions, themes and plugins, and then check which ones you really used. Before you decide to use a plugin, analyze all of its pros and cons since all plugins are capable of affecting your website’s security.

Removing your website from blacklists

Bing, Yahoo, Google and many antivirus programs maintain blacklists for websites that are infected with malware. For instance, websites on Google’s blacklist are removed from the search index or given a lower ranking. Having imported a clean backup and changing all your passwords, it is now the right time for you to remove your page from these blacklists.


  • Cyber Security Operations Center (CSOC)
  • Your team of always-on certified cybersecurity professionals providing round-the-clock surveillance and remediation services

  • Web Application Firewall (WAF)
  • Powerful, real-time edge protection for websites and web applications providing advanced security, filtering, and intrusion protection

  • Security Information and Event Management (SIEM)
  • Improved intelligence leveraging current events and data from 85M+ endpoints and 100M+ domains

  • Malware Monitoring and Remediation
  • Detects malware, provides the methods and tools to remove it and helps to prevent future malware attacks

  • PCI Scanning
  • Enables service providers and merchants to stay in compliance with PCI DSS

  • Secure Content Delivery Network (CDN)
  • A global system of distributed servers to enhance the performance of web applications and websites