Clean up a hacked website with Imunify360

Estimated reading time: 2 min

How to clean up a hacked website with Imunify360

In this article, we will describe how Imunify360 can assist in the cleanup process if your website got hacked.

Prerequisites

  • Imunify360

Step 1:  Analyze the website

The first step is to analyze the website and check if your website is or was hacked. You can do this yourself by checking if there are suspicious files or unwanted plugins in your home directory.

Step 2: Scan the website

You can start the scanning process through the Imunify360 interface “Imunify360 -> Malware Scanner”. You have the option to scan all  users or, use the search bar if you want to scan a specific user. To scan all users, click “Scan All” or click the “play” button under “Actions” to scan a specific user.

imunify360 scan

The scan includes a file/folder and database scan.

Step 3: Updating the website

It’s always recommended to keep your website updated.

Step 4: Malware found?

It can have the following outcomes:

  • Website cleaned
  • Website clean-up failed
  • No malware detected
  • No malware was detected but there are suspicious files.
Step 4.1: Website cleaned

If Imunify360 detects a malware, it will try to clean up the website. After the website is cleaned you should see this.

imunify360 infected file cleanup

You can click the eye icon to unveil the file content. If you think it was a false positive and the file should not be cleaned-up you can restore it by clicking on the “clock” icon next to the eye. In case it was a false positive, you can also submit the false positive to the Imunify360 team by using this command on the command line:

imunify360-agent submit false-positive <full_path_to_file> --reason <reason>

When cleanup is done but you suspect the website is still infected, feel free to contact the support department of Imunify360.

Step 4.2: Website clean-up failed

In case the cleanup failed, you will see something similar to the screenshot below:

imunify360 cleanup failed

In this case, it’s required to contact the support department of Imunify360 . You can create a ticket through the control panel.

Step 4.3: No malware detected

If no malware is detected no action required.

Step 4.4: No malware was detected but there are suspicious files.

If no malware was found but you detected suspicious files, please log in via SSH and submit the files as undetected malware. You can use the following command:

imunify360-agent submit false-negative /path/to/file

Conclusion

In this tutorial, we’ve explained how you can use Imunify360 to check and clean up a hacked website. In case of doubt over whether your website is or has been hacked, you can contact Imunify360 support.

Was this article helpful?
Dislike 0
Views: 127

Reader Interactions

Leave a Reply

Your email address will not be published.