It’s kind of embarrassing when you work in tech and your personal website gets infected with malware, but it happens to the best of us. A few weeks ago, I received an email from my hosting company notifying me that malicious code had been detected in my website files.
I have several websites hosted on my account and the site that was infected was inactive. I hadn’t done anything with it in years. I was just too busy to deal with it, so I put it off–that turned out to be a big mistake.
Even though the site with the malware was an inactive site, it infected my other sites and a few weeks later the hosting company shut down all of my websites and a message like this appeared on my screen when I typed in my website URL.
Ouch! I called my hosting company to find out what I could do to fix it, but my options weren’t great. Ugh, really? $250 just to get my site back. Fortunately, this was just my personal site and wasn’t a barn-burner situation, which gave me a little leeway to choose the best option on how to fix it. I can understand how site owners in a panic may choose whatever they think is the fastest, easiest fix, but it may not be the best one. I explored three options before deciding which one fit my needs best.
Option One: Site Doctor
Site Doctor offers a one-time site service repair (for 30 days) for the not-so-low price of $249.99. The price includes:
- Security Scan: Scans your entire website for malicious code (hacks, malware, and viruses).
- Clean Site Guarantee: The hosting company guarantees a clean site for 30 days and will promptly clean any reinfection that happens within 30 days at no additional cost.
- Malware Removal: Removes any malicious files and code that they find.
- Version Control: The hosting company logs and changes they make and gives you the option to undo the changes if you choose.
- Security Consultation: They discuss possible vulnerabilities with you and advise you on how to further secure your website.
- Software Update: Any simple scripts programs you’ve installed will be updated to the latest, most secure versions.
Option Two: Sucuri.net
For $200 annually, their services include:
- Antivirus for One Website.
- Website Malware Removal and Cleanup within 12 hours.
- Continuous Scans for Malware and every 12 hours hacks.
- Website Blacklist Monitoring and Removal every 12 hours.
- Website Application Firewall (WAF) 24/7.
- Distributed Denial of Service (DDoS) Mitigation (Layers 7).
Option Three: SiteSecure.Me
SiteSecure.Me also offers a one-time per site repair for $99 (for 30 days), which includes:
- One-Time WordPress Malware Removal
- Blacklist Removal
- Security Scan
- Clean Site Guarantee
- New WordPress Core Install
- Full Code Backup
- Security Audit Consultation
- One-Month of free Site Secure Pro
After weighing my options, I decided to go with Sucuri.net so that I could have site protection for longer than 30 days. Also, the price was nice. Well, nice-r.
In order for them to clean up the infected site, I had to either set up an FTP for them to access all of my files or give them my hosting login information. Once they had access, they were able to clean up my site fairly quickly, but I wasn’t out of the woods yet. The Sucuri team informed me that the particular type of infection my site had was prone to high cross-infection, meaning the other sites on my server that were not covered by my plan (because I only paid for one website cleanup) were probably also infected and they would reinfect my site immediately.
DELETE UNNECESSARY FILES AND INSTALLS
Sheesh! I didn’t want to pay another $200 per site to prevent cross contamination so I deleted all of the inactive sites on my server.
Then I had to get my hosting company to provide a malware.txt file in the root folder of my website in the CPanel file manager.
Sucuri was able to clean up the site after that and they provided me with a list of all the files that were cleaned, hardened, or removed. They also gave me a helpful list of steps to follow to avoid reinfection.
HOSTING PROVIDER SCAN AND RESTORE
After they gave me the go ahead, I contacted the hosting company again to let them know the files had been cleared and they could rescan, which they did.
And then I circled back with Sucuri to let them know my hosting provider had restored the site so they could do a final check.
The steps to stay clean included website firewall setup, updating out-of-date software on sites–make sure they are all the latest version, and changing the password on all points of access.