Steps to take after your website is clean
Once your website is malware-free, it's important to to be proactive and take steps to help reduce the risk of reinfection. While the risk of malware will never be zero, there are many ways to increase your security posture.
Install and activate your Web Application Firewall (WAF)
There are a growing number of software vulnerabilities being exploited by attackers and trying to keep up with them can be challenging. Our Web Application Firewall (WAF) functions as an intrusion detection and prevention system for all your website traffic. It can help stop attacks before they even happen, keeping your site secure. The WAF starts protecting your site only after you activate it.
Update your site CMS and plugins
Outdated software is the leading cause of infections for a website. If you are using WordPress, Joomla, or any other website platform, and it is not already using the stable, current version, take a minute to update your website. Make sure all of the following are updated on a regular basis: CMS version, plugins, themes, and any other extension type.
Start making backups of your site
After the site is clean and secure, a good practice is to make regular backups. There are a number of backup solutions out there you can use. If you are hosting your website with GoDaddy you can sign up for Website Security Backups. The Website Security Backup system is very simple to set up.
Remove old backups from the server
Outdated and unmaintained copies of your website in folders can leave your site vulnerable to malicious activity, especially when they are in common folder names such as /old or /backup. Remove these files from the server to avoid reinfection. If you need to keep a copy, be sure to download them to another safe location first.
Change your passwords
Change your passwords for all your site access points like FTP, SFTP, SSH, or cPanel, and make those passwords complex, long, and unique for strength. This helps stop attackers from exploiting these multiple points of entry. At a minimum, be sure to update the password for all administrator accounts.
Remove extra administrators
Often users will create more administrators than they require and only update one admin password, leaving the rest as is and causing a vulnerability to the site. If excess users are present, there is no better time to clean them up than after a compromise.
Change your database password
If you are using a CMS (WordPress, Joomla, etc…) change your database password and be sure to update your configuration file.
This is not an automated process so you need to know how to open those files and edit manually. If you’re not familiar with handling changes in your database and configuration files, and your website is hosted with GoDaddy, contact customer support.
*If your website is not hosted with GoDaddy, and you don’t know how to change your passwords, contact your host for more information.
Run a virus scan on your personal computer
In a lot of cases we see that websites are compromised via local environments (notebooks, desktops, etc.). This is why we recommend running an antivirus product on your personal devices. It doesn't matter how many times your site gets cleaned of malware, if your computer is not clean, your site can be easily reinfected.
Clean up your server
Delete old installations of your content management systems, themes or plugins, as these old installs could be infected with undetected malware. Also, separate any installations that belong on a test, staging, or production server.
Use the Sucuri Security WordPress plugin
Whether you’re a Sucuri client or not, we recommend using the free WordPress security plugin if you’re using WordPress for your website. Installation instructions can be found within the WordPress Security guide.
