Have you ever gone driving, and you’ve been in a rush, and you haven’t stopped to check what that little blinking light is all about?

Or even worse, you SEE the blinking light but you choose to ignore it, until suddenly your car comes…to..a

spluttering halt?

Well that’s been the case with me and my web hosting!

Turns out, it’s against the terms and conditions of my Just Host account (love you guys!) to have any malware on my hosting account.

I kept getting all these funny messages:

 

Malware pic

 

(You might notice they’ve been put straight into the bin – well they were clogging up my inbox!)

What is Malware?

According to Wikipedia, malware is malicious software, such as a virus, which is specifically designed to disrupt or damage a computer system.

Oh crap.

So what happened two days ago is that my website was shut down and I was forced to start cleaning and deleting suspect files with wild abandon.

So after 30 mins of cleaning up my files via cPanel, I have a chat with a nice tech guy called Gary (whose real name I suspect is not Gary) on Just Host’s live chat. And like a really proud kid I exclaim:

I’m done! Can you check and open up my website now?

And he’s like:

Have you checked your malicious file text on your server?

Wtf?

 

Do you remember the moment in the movie when the good guys have fought this real full on battle, they’re victorious and they have a second to smile to each other wearily on a job well done.

Then suddenly a darkness fills over the horizon and they realize this is just the beginning wave.

A shit storm is coming.

From Total War: Shogun 2


Well that’s how I felt when I started to read the malicious file txt.

This is what I saw – 10 pages of this!!

2014-02-06_0737

 

So what did I do??

Well I forked over $50 and that was the best $50 I’ve ever spent!

 

Lessons Learnt

  • Don’t ignore the little things, they cost you in the long run
  • Webhosters don’t like malware; check your T&Cs

Here is a security checklist that you can review which can greatly help secure your account sites:

1. Change the Admin Email on your account.
2. Change the Password on your account.
3. Change the Credit Card on file on your account.
4. Update and apply any patches, upgrades, or updates that the 3rd party vendor or web developer of your scripts may have available.
5. Fix any loose file permissions (this may be the most common exploit vulnerability).
6. Delete all non-system FTP Accounts that were created, or at the very least, change the passwords to the FTP Accounts.
7. Remove any Access Hosts by clicking the “Remote MySQL” icon and clicking the Remove Red X by each entry if there are any entries.
8. Check your scripts for any Header Injection attacks, SQL Injection attacks, Cross-Site Scripting attacks, etc., as well as your php.ini file settings.
9. Check your home/work computers for any viruses, trojans, or keyloggers.

If your scripts are infected, you may want to roll back to the last good snapshot backup of your account. If your backups are also infected, then you may want to consider having us reset your account to start afresh.

To prevent this from happening I would recommend using a company that specializes in monitoring your site for malware. Here are a few recommendations:

We Watch Your Website is http://wewatchyourwebsite.com (non-affiliate link); they will scan your account daily as well as clean up any issues and also upgrade any software out of date for around $40.00 a year for a single domain and 19.95 for each additional domain.

SiteLock is another service you can use.

I hope this information is useful. Have a great day!
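
Checklist item 5 (loose file permissions), as an added example that is not part of the original post or of the host's advice: a read-only shell audit that lists every file and directory under a web root that group or others can write to, with the command that would remove those write bits. The `WEBROOT` variable, the function names and the script name are assumptions made for this example; `public_html` is the usual cPanel document root.

```shell
#!/bin/sh
# Added example: report files and directories under a web root that are
# writable by group or by others. Read-only: it prints suggested fixes
# and changes nothing. Assumption: paths contain no newlines.

# list_loose DIR: print the path of every regular file or directory under
# DIR whose mode has the group-write (020) or other-write (002) bit set.
# Symlinks are skipped because only -type f and -type d are matched.
list_loose() {
    find "$1" \( -type f -o -type d \) \( -perm -020 -o -perm -002 \) -print
}

# count_loose DIR: number of loose entries, e.g. for a scheduled check.
count_loose() {
    list_loose "$1" | wc -l | tr -d ' '
}

# audit_perms DIR: one finding per entry plus a fix that only removes the
# group/other write bits, leaving read and execute bits as they are.
audit_perms() {
    list_loose "$1" | while IFS= read -r path; do
        if [ -d "$path" ]; then kind=dir; else kind=file; fi
        printf 'LOOSE %-4s %s\n' "$kind" "$path"
        printf "      fix: chmod go-w '%s'\n" "$path"
    done
}

# Usage (hypothetical script name):
#   WEBROOT="$HOME/public_html" sh audit_perms.sh
if [ -n "${WEBROOT:-}" ]; then
    audit_perms "$WEBROOT"
    echo "total loose entries: $(count_loose "$WEBROOT")"
fi
```

A writable uploads directory is sometimes required by a script; review each finding before applying the suggested `chmod`.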