Mitigating the Site

Step #1: Always use a clean and protected computer to log in to the server (malicious cookies, keyloggers, spyware and viruses can sneak onto the server and feed vital information to the attacker)

Step #2: Back up the database

Step #3: Regularly clean and optimize the database

Step #4: Change the passwords for the database, cPanel and CMS to stronger ones

Step #5: Update all extensions and templates, and delete unwanted ones or any scripts that have had no update in over six months

Step #6: Secure and prevent editing of PHP scripts, web directories and important files such as .htaccess and configuration files

Step #7: Change login URLs, administrator usernames, database names and the usernames used to access the database, and change the table prefix to a harder one

Restoring the Site

Step #8: Manually delete all foreign folders, files suspected of phishing, any useless scripts and old site backups, as these may create a loophole for attacking the website

Step #9: Remove the core folders and related core files in the root folder, except the folder for data configuration and the .htaccess files

Step #10: Upload a fresh and current copy of the deleted CMS folder and files
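
One way to find what Steps #8 to #10 ask you to delete or replace, as an added example that is not part of the original checklist: hash every file in the live web root and in a freshly downloaded CMS copy, then list files that exist only on the live site (foreign) and core files whose content differs (modified). The file names, the `keep` list and the sample trees are hypothetical and constructed for the demonstration.

```python
import hashlib
import os
import tempfile

def sha256_of(path):
    """Return the SHA-256 hex digest of a file's contents."""
    with open(path, "rb") as handle:
        return hashlib.sha256(handle.read()).hexdigest()

def index_tree(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    index = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            index[os.path.relpath(full, root).replace(os.sep, "/")] = sha256_of(full)
    return index

def compare_to_fresh(live_root, fresh_root, keep=()):
    """Return (foreign, modified) relative paths, skipping the keep list."""
    live, fresh = index_tree(live_root), index_tree(fresh_root)
    foreign = sorted(p for p in live if p not in fresh and p not in keep)
    modified = sorted(p for p in live
                      if p in fresh and live[p] != fresh[p] and p not in keep)
    return foreign, modified

def build_sample(root, files):
    """Write constructed sample files (relative path -> bytes) under root."""
    for rel, data in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as handle:
            handle.write(data)

def demo():
    """Compare two constructed trees; every file name here is hypothetical."""
    with tempfile.TemporaryDirectory() as fresh, tempfile.TemporaryDirectory() as live:
        core = {"index.php": b"<?php // core", "lib/db.php": b"<?php // db"}
        build_sample(fresh, core)
        build_sample(live, {**core,
            "lib/db.php": b"<?php // db + injected line",    # altered core file
            "images/login/verify.php": b"<?php // unknown",  # not in the fresh copy
            "configuration.php": b"<?php // site settings",  # kept, as in Step #9
            ".htaccess": b"# rules",                          # kept, as in Step #9
        })
        return compare_to_fresh(live, fresh, keep=("configuration.php", ".htaccess"))

if __name__ == "__main__":
    print("foreign, modified:", demo())
```

Files on the `keep` list are skipped by the comparison, so the configuration and .htaccess files still need a manual read before the site goes back online.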

Monitoring the Site

Step #11: Install security monitoring and notification systems

Step #12: Make sure your website is visited and scanned regularly for malware (at least once per week) using https://sitecheck.sucuri.net