Sales +1-844-724-7277


Support +1-844-260-2204

No one wants to find that their website became a source of infection for several other websites, or the website data gets stolen. However, it can happen.

Mostly, a website gets infected through plugins and CMS (content management systems). There are two different scenarios of this type of case. You might have downloaded an infected file through an unofficial source or by unofficial plugins, or the update might contain errors, which can be accessed by the hackers. These types of errors are called vulnerabilities.

Hackers always keep this information about the vulnerabilities and scan several websites to find a victim. After finding, they can use the vulnerability to upload a type of malware that can redirect users to other websites, steal the data, or send spam.

In this article, we will discuss how a website gets infected and how to remove virus from website.

What to do if a website is infected?

Some ways can help you if your website is infected.

Update Your Software

Firstly, you must update your software. As the software developers discovered some new vulnerabilities, they release updates that contain patches to fix them. It would be great if you use only the recommended official websites to download the updates.

How to Remove Virus from Website

You might also use some software for automatic updating. This kind of solution can automatically install the newest patches without rebooting the server.

Delete Unauthorized Plugins

You must install only those plugins that are developed or created by the official developers. If you come across a free version of any plugins, there is a huge chance that it contains a virus. So, it is always good to pay for an authentic server instead of curing an infected website.

Change Passwords

It is a popular scenario that a virus usually infects the website using an admin’s password for CMS or FTP, which was stolen from the desktop or email. Change your passwords for accessing CMS and MySQL, SSH/FTP accounts, and the server control panel.

Always use strong passwords, which should contain more than ten symbols with lower and upper case letters, digits, and special signs. You might also refer to any free service to generate such type of passwords.

Configure access rights to the files

Always use an ISP manager or FTP to configure the access rights to your website files. These rights will determine who can edit, write, or watch code. It is recommended that you must choose 644 value for your website’s files.

For the directories, it would be better to set 755, which means the admin can have edit/read rights while the other users can have read/only rights.

Restore a Backup

If you have discovered that your website is infected from any kind of virus, always restore the backup prior to the current date. This will allow you to prevent curing a virus.

How to protect websites from viruses?

You can do this task manually or by using specific anti-virus software.

If you have a great skill working on a server’s console, you can manually clean the code or a website. Firstly, you must find a malware: open your website’s files and compare it with those stored in the backup.

After this, you can easily locate the infected files and permanently delete the malware using a specific file type or a fragment of code.


If you do not have that much experience working on the server’s console, you must use special software. Below are some examples of antiviruses that contain the biggest databases about the virus's patterns on the internet.


It is free virus scanner software for scanning a website for viruses, malware, and hacking scripts. It is available in the ISP manager rather than Revisium Antivirus, which was used in the older versions of the control panel.


It is a software specially designed for automatic search and deletion of the virus. The interface is straightforward and is easy for inexperienced users. The module can scan the website for malwares every three hours.

How to avoid the infection

  • Isolate different websites from each other by generating a specific user for each website.
  • Configure the backup schedule.
  • Create strong passwords, and don’t save it in your browser.
  • Only use the trusted sources for a software download.
  • Use trusted software for updating the installed scripts.


Malwares are hazardous and can infect your website to steal essential information and many more. Read the article to know more in detail about how to protect a website from virus and malware.

how do i make sure my website is secure?