Portal Home > Knowledgebase > Security > After the cleanup. What to do after your site is fixed.

After the cleanup. What to do after your site is fixed.

May 31, 2011  by sucuri-research

If you are reading this page then you are on your way to being proactive and actively taking steps to help reduce the risk of reinfection. While no-one can promise you the risk will ever be zero, we can work together to ensure that its as low as possible.

Will this guarantee I won’t get reinfected? No, but you’ll make it so difficult that the probability of reinfection will be minimal.

  • Update your website(s)! If you are using WordPress, Joomla (or any other CMS), and it is not already using the stable current version, take a minute to update please. Why? Because out-of-date software is leading cause of infections. This includes your CMS version, plugins, themes, and any other extension type.
  • Change your FTP, SFTP (or SSH) password. Choose a good and strong password. 
  • Change your CPANEL / administrator password. Most people forget this, but its just as crucial a step. If you don’t have a CPANEL, we’re referring to the administrator account for your hosting provider.
  • Change your CMS administrator password. If you are using WordPress, Joomla, osCommerce or any CMS, change your administrator password. Take a minute to check and verify you know all the users in your panel.

Now is a good time to clean up accounts, so remove any users with admin access that are not necessary. This is also a good time to force password resets for all users.

  • Change your database password. If you are using a CMS (WordPress, Joomla, etc…) change your database password. Please be sure to update your configuration file – Joomla: configuration.php and WordPress: wp-config.php. This is not an automated process so you will need to know how to open those files and edit manually.
    *If you don’t know how to change your passwords (specified above), contact us.
  • Run a virus scan on your personal desktop/laptop. In a lot of cases we see that websites are compromised via local environment (notebooks, desktops, etc..). Its why we always ask you take a minute to run an Anti-Virus product. If you’re OK with spending a little money, we recommend Kaspersky for Windows and MAC, and Sophos and F-Secure for Windows. You can also try Avast, MSE, Spybot that are free alternatives and very good. Here is the bottom-line, it doesn’t matter how many times your site gets cleared, if your desktop is not clean, your site can get reinfected quite easily.
  • Start doing backups of your site. After the site is clean and secure, a very good practice is to do daily backups.




- adapted from USWDH Support

Was this answer helpful?
1 Users Found This Useful 1 Votes

Also Read