Malware Hack Removal
If you’re ever the unfortunate victim of a hacking attack, then you may well find yourself needing to know how to remove iframe malware from your website. It can be a frustrating task, but hopefully, you’ll learn from your mistakes and only have to go through the process once. Here is what you need to know.
7 Steps to Remove Iframe Virus from your Website
If you need to remove iframe malware from your website, there are basically two approaches you can take. The first approach is to clean up the existing website manually and the second is to recreate it from scratch through a fresh install. The right approach for you will often depend on the complexity of your website and the extent to which you have customized it.
Always scan for malware first
Regardless of which approach you use, you should start by scanning for malware. Sign up for a robust website vulnerability scanner and see what it tells you about your website. Different products will have different features, but any website vulnerability scanner worth the name will have an anti-malware scanner (and a web applications firewall) and this can shoulder a lot of the work of cleaning up a site, especially if you want to rebuild it.
Back up your website and database
Even though there’s a distinct possibility that your website still contains malicious code, it’s still worth backing it up so you keep your options more open in the event of anything going wrong with the recovery/restore process.
Make a copy of any images you uploaded
Your own uploaded images should not be a security risk. Even though you should already have them backed up, it’s a good idea to make a copy of them just in case. You won’t be able to replace your own unique imagery if it gets lost so take care of it.
Make a note of any third-party extensions you use
You only need to back up third-party extensions if they’ve been created specifically for you, in which case, they are highly unlikely to have been compromised. It is, however, sensible to make a note of what third-party extensions you use so you can source them again later if necessary.
Optional - see if you can clean up your website manually
In principle, you can head straight on to recreating your website from scratch. In practice, this is only likely to be a sensible approach if you have a small and simple website with minimal customization. The larger, more complex, and/or more customized your website is, the more it makes sense to try cleaning it up if you can. If you can’t, you can always proceed to a fresh install.
Malicious iframe code is often relatively easy to spot. Firstly, it tends to have width and height set to 0 and secondly it tends to be placed at the very top or very bottom of a page.
If you just experience a fairly basic hacker attack “script-kiddie style”, then this may be enough to get your website up and running again. You should, however, be confident that your website is really clean of all malicious code before you submit it to the various authorities for review and relisting.
If you’re not confident about your ability to clean up a website effectively, then your best options are either to call in a professional or to do a clean install. A professional will cost more, but at the end of the operation, your website will be right back how it was. A clean install is a task you can probably do yourself, but you’ll lose all your customizations and have to recreate them.
Alternatively, proceed to a clean install
If you don’t fancy going through your website manually, looking for malicious code, but you can’t/don’t want to pay a professional to do the job for you, then your only other practical option is to proceed straight to a clean install and to replace your content from a clean backup.
If you go down this route, then now is an excellent time to review any third-party extensions you use and check if they are still actually needed or wanted or if they’re just there because nobody’s got around to removing them.
Review your admin users
Once you have your website cleaned up and ready to go for review and relaunch, take the opportunity to go through your list of administrators and remove anyone you do not immediately recognize as being a legitimate administrator. Then change all administrator passwords.
Please click here now to have your website scanned, for free, by cWatch from Comodo.