Table of Contents

How to Check a Website for Viruses

Written on by Nile Flores

Estimated read time 5 minutes
Privacy & Security

How to Check a Website for Viruses

Hopefully you won’t ever encounter having an infected website. When your site has a virus, sometimes it can deter people from coming back. You lose their trust. However, what if you think your website has been hacked and has a virus? In this article, you’ll learn how to check a website for viruses.

What is a website virus?

A website virus is something that is an unexpected action that may redirect you to another site, infiltrate your computer, steal information, and more. The virus itself is specifically coded software that sometimes looks like it is harmless, but is disguised as a trigger from an outside source, in order to open a path through your site, and into your visitors’ computers.

This means you can get a virus from just visiting a website.

Why do websites get viruses or malware?

Unless you’ve personally ticked off a hacker or group of hackers, then most hacks and viruses are from programmed bots that randomly hit sites thousands of times until they can get in and find a way to insert their type of infection. So, in case you think you were personally attacked, you weren’t.

Reasons why your site got hacked

  • Outdated scripts

  • Scripts that became vulnerable to being hacked

  • Weak passwords

  • Your computer was already compromised

Outdated scripts

When you don’t update your website’s scripts, over time you risk being hacked. When scripts like the ones that power your content management system, ecommerce shopping cart, forums, and more, have an update available, a lot of times they come with essential security patches in order to keep your website secure.

Scripts that became vulnerable to being hacked

Technology is always advancing and evolving, so sometimes even if you just recently updated some scripts on your site, sometimes you may need to update again. It might be tedious if you feel that you’re constantly updating, but a website has never been a one and done type of deal. As a note, if you don’t have the time to be on top of your updates, then you should hire someone to maintain that for you, so you don’t have to fear a website infection.

Weak passwords

If you’re using the same password for everything - stop it now! This includes the passwords you use to log into your computer, web hosting, email, social media accounts, website’s CMS or scripts, and more. Make sure to create a strong password. You may want to keep a notepad with your passwords, or an online password manager like Lastpass.

Your computer was already compromised

If you don’t have any anti-virus scanner on your computer, or don’t update it, over time, your computer might become infected. It could happen from opening an infected website or even downloading something from email. Some viruses can latch to your files, which means that if you’re uploading any of them to your web hosting, then you’ve accidentally infected your website and web hosting account.

Types of ways to Check a website for viruses or malware

  • Content Management specific malware scanners

  • Web host provided malware scanning option

  • Online scanners

  • Google

Content Management specific malware scanners

CMS like WordPress and Drupal, have their own malware scanner plugins or modules. They are designed to seek out viruses that are specific to that CMS. This is due to the fact that each scanner is programmed to look for specific types of viruses, which means that some may miss what others may pick up.

Web host provided malware scanning option

Did you know your web hosting provider has a scanner to check a website for viruses. It may be something like ClamAV or something similar. What this does is go through and gives you a list of where the infections are located, so you know what files to look at and clean up.

Sometimes your host may have ClamAV added to your cPanel, so you can perform the scan, instead of having to request them to initiate one on their end.

Online scanners

There are a lot of different online scanners that for the most part, are thorough and reliable. Some will even tell you if you’ve been blacklisted too. A blacklisting doesn’t necessarily mean that you’ve been removed from a search engine, but it will usually result in the search engine adding some type of label to indicate to possible visitors that you’re site has been compromised. Here are just a few:

Google

If you’ve added your website to Google Search Console, when your site may turn up as having malware, your search results might have a label that says you’ve been hacked. Google Search Console has a security section that will list what pages the infection was found on. From there you will need a virus scanner to find exactly where the infection is located.

How to Check a Website for Viruses

  • Choose a virus scanner

  • Run the virus scanner

  • Use a second type of scanner to double check

Choose a virus scanner

Choose a virus scanner. If you can’t access your website, you can see if your web host will provide a scan to help you get your site up enough so you can perform the scan.

Run the virus scanner

This part might take a long time, depending on how many files your website has. Make sure to let the virus scanner run all the way through. If you have some type of cache program or add-on, you may need to disable that, as sometimes those tools slow or timeout the virus scanner. Make sure to copy the list of infected pages or files, as you will need those in order to determine what you need to clean from them.

Use a second type of scanner to double check

Always double check. If you’ve already cleaned the list of viruses from the first scan, you need to double check with a second scanner, in order to be more thorough.

In Summary

If you’ve been hacked and you’ve confirmed it after scanning for viruses, you’ll need to clean your website. Please note that your web host won’t clean your site for free, nor are they at fault for the hacking. You can either pay them to clean your infected website, if they often use malware cleanup services, or hire a specialist.

In the case you use a specific content management system, like WordPress, you will want to check a website for viruses using a malware plugin. Some online scanners and other malware scanning software may not catch all infections, so it’s important to be thorough.

Frequently Asked Questions

What extra protections can I add to a shared host site?

Verpex already provides very strong firewall and malware protections, but you can also add your own third party plug-ins to your website depending on the content management system you’ve used to build it.

How is the website maintenance carried out?

On a daily basis, software, hardware, vulnerability, MYSQL, CloudLinux paths and cPanel updates are carried out on our servers without a reboot. However, if we have to carry out any maintenance that includes some downtime, we schedule in advance and update our status page

Why choose Verpex for WordPress?

As the leading CMS out there, we’ve made it our mission to offer the most comprehensive and streamlined WordPress solutions on the market. Backed by a responsive customer care team and reliable site enhancement tools, we ensure our users get the full WordPress value and support for a reasonable price.

How does Verpex help with my reseller hosting?

Our job doesn’t end once we’ve sold you the reseller space. In fact, we’re with you for the whole time you’re hosting with us, supporting both your needs and that of the customers you pick up along the way, whether you max out your cPanel account limit or not.

The Verpex team is at your disposal, acting as your essential support team 24/7. That means anything pertaining to hardware, the network, updates and configuration, security, and connectivity, is all handled by us.

Both you and your customers can focus on running your businesses while we take care of all maintenance and troubleshooting with expert technical support.

View more posts by Nile Flores