There are many viruses on the Internet that spread themselves through websites. Unfortunately, owners rarely treat the security of their sites properly. And in the event of infection and hacking, the hosting provider is often accused of poor-quality services or incomplete account protection. Responsibility for the security of the site lies with its owner. By following basic security rules, you can protect your website.
The infection scheme is quite simple: just go to an infected website and, using standard browser security settings, the virus will automatically be installed on the user’s computer. After that, it starts tracking FTP logins and passwords when you connect to your site via FTP. Having collected a certain number of passwords, a special program is launched that establishes an FTP connection to each site and embeds its own HTML code at the beginning or end of the pages for subsequent distribution, for example, this:
<iframe width=1 height=1 border=0 frameborder=0 src="[...]"></iframe><!--iframe width=1 height=1 border=0 frameborder=0
src=[...]"></iframe><!--iframe width=1 height=1 border=0 frameborder=0 src="[...]"></iframe-->
or
<u style=display:none><a href="[...]">buy hydrocodone</a>
<a href="[...]">m367 hydrocodone</a></u>
etc. Sometimes, by adding their content, viruses lead to complete inoperability of the site due to its software design.
We ask you to check your sites for infection. To do this, just look at the source code of the main page for the presence of extraneous text.
If traces of a virus are detected, you must perform the following actions in the following order:
1. Scan your local computer for viruses. Not all antiviruses can correctly identify a virus and its type, so we recommend using several alternatives at once, for example, Kaspersky Antivirus and Norton Antivirus.
2. Remove viral content from the pages of your website. Sometimes it is enough to manually edit files via FTP, or restore them from a backup copy. If you used the services of a third party to develop your website, we recommend that you contact them.
3. Go to your hosting account control panel and change the password for ALL your FTP users.
If the situation repeats over time, then step 2 has not been completed completely.
4. If the site is not working, restore it from a backup.
Please note that page infections can also be caused by vulnerabilities in your projects (SQL injections, XSS vulnerabilities, etc.). Therefore, we recommend using the latest versions of the CMS and following their updates.