Today I have got an email from networkviolations at godaddy saying"
"We’re writing to let you know that we recently completed a routine security checkup of all our servers and platforms. Our scans flagged your (web address) hosting account as containing known malware. Due to the negative impact to our systems, we've removed the following malware from your files: ..."
I logged in to my account and found plenty of files and folders that I have never uploaded.
I deleted everything on my File Manager except logs. Also deleted all databases, ftp users and changed password of primary ftp.
How is this possible? How could I avoid the same happening in the future?
Is it preferable to clean/format my "disk space"? If so how to do it?
Please tell us what type of hosting plan do you have, if possible the exact name (Ex. "Ultimate Linux Hosting with cPanel") and how is your website buid ( custom - html, php, asp, or CMS - WordPress, Joomla, etc)
Thank you for the reply.
The plan is Economy Web Hosting Linux.
As for the website, there was nothing published online. In fact I have tried couple of ways to build through Joomla then WordPress but never succeeded to complete.
Nobody has access to the account except myself.
Also I had couple of ftp to share files with friends (mainly of pdf, and msoffice types).
The infected files were everywhere inside the folders, those of WP and personal files.
I don't know what technical experience you have with building websites, but I will assume that it's not very advanced and advice you in consequence. I apologize if I'm presumptuous.
From my experience a website can become infected in 2 ways:
-1- infected files are uploaded to the server (it's the most common situation)
-2- a hacker obtains access to the website, and, deliberately uploads malicious files.
First thing that you should do, is a full antivirus scan of your pc. If you do not have a antivirus you should install one and scan your system. I use this antivirus and I've never have an infected website.
After your system scan, access your hosting via FTP or by FileManager and delete all the files and folders that you have in the public_html folder (but don't delete the public_thml folder).
If your web building experience is limited, I suggest that you use WordPress instead of Joomla, because it's easier to use than Joomla, but keep in mind that does not mean it's easier to secure. The fastest and easiest way to secure your WordPress is with this plugin, but keep in mind that it's not bulletproof and there are other things to consider doing, and for that you will have to use a lot of Google 🙂
And as a general rule: NEVER share your FTP credentials with anybody. You can't know if there computers are infected or not and you can be in this situation again. There are a lot of file transfer services out there.