How did my site got infected with malware?

One of the most important features of a website is its security. A website infected by malware can never be considered a secure site. But of course it’s not always easy to find out how that malware ended up infecting your domain.

There’s a lot of ways that someone can use to get your site infected. This is what lead us to the following question:

Why is my website infected with malware/virus?

First off, we are going to make a list of the main reasons why a website gets infected with malware, and then we are going to check each one of them in detail.

  • Running outdated software
  • Excessive permissions for files and folders
  • Weak FTP/cPanel passwords
  • Local PC infected with virus or keyloggers

 Running outdated software

Sometimes is unbelievable the amount of users that don’t run updates on their sites often. It’s one of the most important tasks to make sure your site is secure. Running outdated software will only get you problems, because you won’t get the latest security patches and bug fixes, so any hacker will be able to exploit an old vulnerability to infect your site.

Try to update your sites often, even more if you’re running popular software like WordPress, Joomla, Drupal, Magento and so on.

 Excessive permissions for files and folders

Using 777 permissions on your folders is very dangerous. With this kind of configuration, you allow anybody to write content to your folders, so it would be pretty easy to upload malware into it. We suggest using 755 permissions as maximum for folders, while you shouldn’t use permissions higher than 644 for files. We also recommend using suPHP as your PHP handler, that way you won’t need to use the highest permissions.

 Weak FTP/cPanel passwords

Having a password like “password” is like not having a password at all. The same applies to “123456”, “yourname” and passwords like that. It’s like asking to be hacked.

A strong passwords always must contain at least 9 characters, and you also need to use capital letters, lowercase letters, numbers and simbols.

You can find online tools that help you create strong passwords, for example:

 Local PC infected with virus or keyloggers

Of course there’s no point in having a strong password if your PC is full or virus or keyloggers. If your local computer (the one you use to work/conect to your sites through FTP) is infected then you passwords will fall into the hands of the bad guys.

Lots of keyloggers and virus can steal your passwords and send them to malicious third parties. If possible, always try to use Linux or Apple’s OS X, they’re a lot more secure than Windows.


Conclusion

Those are the main reasons why your site may get infected with malware or malicious content, so always remember to update your site often, check for high permissions, use strong passwords and scan your local PC every week.

Do you have any tip you would like to share? Is there anything about this article that you don’t understand? Please let us know in the comments below.

Do you need help to remove the malware from your website? Then we suggest you consider our Malware Clean Up service.

One of the most important features of a website is its security. A website infected by malware can never be considered a secure site. But of course it’s not always easy to find out how that malware ended up infecting your domain.

There’s a lot of ways that someone can use to get your site infected. This is what lead us to the following question:

Why is my website infected with malware/virus?

First off, we are going to make a list of the main reasons why a website gets infected with malware, and then we are going to check each one of them in detail.

  • Running outdated software
  • Excessive permissions for files and folders
  • Weak FTP/cPanel passwords
  • Local PC infected with virus or keyloggers

 Running outdated software

Sometimes is unbelievable the amount of users that don’t run updates on their sites often. It’s one of the most important tasks to make sure your site is secure. Running outdated software will only get you problems, because you won’t get the latest security patches and bug fixes, so any hacker will be able to exploit an old vulnerability to infect your site.

Try to update your sites often, even more if you’re running popular software like WordPress, Joomla, Drupal, Magento and so on.

 Excessive permissions for files and folders

Using 777 permissions on your folders is very dangerous. With this kind of configuration, you allow anybody to write content to your folders, so it would be pretty easy to upload malware into it. We suggest using 755 permissions as maximum for folders, while you shouldn’t use permissions higher than 644 for files. We also recommend using suPHP as your PHP handler, that way you won’t need to use the highest permissions.

 Weak FTP/cPanel passwords

Having a password like “password” is like not having a password at all. The same applies to “123456”, “yourname” and passwords like that. It’s like asking to be hacked.

A strong passwords always must contain at least 9 characters, and you also need to use capital letters, lowercase letters, numbers and simbols.

You can find online tools that help you create strong passwords, for example:

 Local PC infected with virus or keyloggers

Of course there’s no point in having a strong password if your PC is full or virus or keyloggers. If your local computer (the one you use to work/conect to your sites through FTP) is infected then you passwords will fall into the hands of the bad guys.

Lots of keyloggers and virus can steal your passwords and send them to malicious third parties. If possible, always try to use Linux or Apple’s OS X, they’re a lot more secure than Windows.


Conclusion

Those are the main reasons why your site may get infected with malware or malicious content, so always remember to update your site often, check for high permissions, use strong passwords and scan your local PC every week.

Do you have any tip you would like to share? Is there anything about this article that you don’t understand? Please let us know in the comments below.

Do you need help to remove the malware from your website? Then we suggest you consider our Malware Clean Up service.




Do you have any malware issues?
Check out our One Time Linux service
ORDER NOW



Lets keep in touch


Copyright © 2016 Glator.com