Why do websites get viruses or malware?
Unless you’ve personally ticked off a hacker or group of hackers, then most hacks and viruses are from programmed bots that randomly hit sites thousands of times until they can get in and find a way to insert their type of infection. So, in case you think you were personally attacked, you weren’t.
Reasons why your site got hacked
Outdated scripts
When you don’t update your website’s scripts, over time you risk being hacked. When scripts like the ones that power your content management system, ecommerce shopping cart, forums, and more, have an update available, a lot of times they come with essential security patches in order to keep your website secure.
Scripts that became vulnerable to being hacked
Technology is always advancing and evolving, so sometimes even if you just recently updated some scripts on your site, sometimes you may need to update again. It might be tedious if you feel that you’re constantly updating, but a website has never been a one and done type of deal. As a note, if you don’t have the time to be on top of your updates, then you should hire someone to maintain that for you, so you don’t have to fear a website infection.
Weak passwords
If you’re using the same password for everything - stop it now! This includes the passwords you use to log into your computer, web hosting, email, social media accounts, website’s CMS or scripts, and more. Make sure to create a strong password. You may want to keep a notepad with your passwords, or an online password manager like Lastpass.
Your computer was already compromised
If you don’t have any anti-virus scanner on your computer, or don’t update it, over time, your computer might become infected. It could happen from opening an infected website or even downloading something from email. Some viruses can latch to your files, which means that if you’re uploading any of them to your web hosting, then you’ve accidentally infected your website and web hosting account.
Types of ways to Check a website for viruses or malware
CMS like WordPress and Drupal, have their own malware scanner plugins or modules. They are designed to seek out viruses that are specific to that CMS. This is due to the fact that each scanner is programmed to look for specific types of viruses, which means that some may miss what others may pick up.
Web host provided malware scanning option
Did you know your web hosting provider has a scanner to check a website for viruses. It may be something like ClamAV or something similar. What this does is go through and gives you a list of where the infections are located, so you know what files to look at and clean up.
Sometimes your host may have ClamAV added to your cPanel, so you can perform the scan, instead of having to request them to initiate one on their end.
There are a lot of different online scanners that for the most part, are thorough and reliable. Some will even tell you if you’ve been blacklisted too. A blacklisting doesn’t necessarily mean that you’ve been removed from a search engine, but it will usually result in the search engine adding some type of label to indicate to possible visitors that you’re site has been compromised. Here are just a few:
Google
