Website been hacked how can I clean & protect it

[wevet]

One of my sites hosted on Godaddy has been attacked and some script planted in the script. I went through it and found the lines but it has re-occurred and I am flummoxed as to how this is happening.
Suggestions please on:
How to clear the site defintively of any nasties
How to prevent the site being attacked again

 

[Deleted member 61074]

You will need to do some work to work out how the "hack" happened.

I've seen plenty of hacks where abit of js is added to every index page - this often happens when there is a virus on your own pc. thus the solution is to thoroughly clean your pc with a good AV and spyware prog (malwarebytes is good)

other reasons include, you are running insecure php on your site - solution here is to upgrade to the latest version.

you got infected across the server, solution here would be to find a better host (certainly one with suphp/suexec)

 

[mit74]

what is your website ie ecommerce? What open source software or language are you running? There can be many ways to hack a website so the more info the the more we can tell you how it was hacked.

 

[zookx]

As said, what kind of site is it, are you running any software on it, is it the latest version of that software etc...

 

[DomHobson]

First thing to do would be change your account passwords just to be safe.

 

[That Guy]

Change your FTP Password etc.

Remove added code.

If using something like Wordpress, make sure it is the latest version.

Scan your computer for infections, this can be keyloggers and other nasties.

 

[Dawg]

I suggest fixing the site again but from a computer that you know is clean. If the site gets infected for a third time you know the source probably isn't your machine, (and the other way around.)

Scan your machine with Virustotal and Malwarebytes anyway, and further subject any even faintly suspicious stuff to Jotti.

My experience is that it is usually in the local machine.

 

[mit74]

My experience is that it's dated software being used on the server. Webalizer and most open source software has some sort of exploit on older versions.

 

[Gatorservices]

Also your hosting provider godaddy can help you with this as they are there to support you.

 

[wykthorr]

If it's not a large website, then you'll probably be better of rebuilding it (you can reuse certain parts, but you should use only the code from the old site you understand)

When a hacker manages to break into a system he usually leaves a backdoor, and give the thousands of lines of code apps like wordpress have it's virtually impossible to make sure everything's clean. Also when rebuilding it make sure you use the latest version of whatever software your site uses.

Another thing to do is to see how the hack occurred so that you can prevent future hacks, but that might be really complicated if there are no obvious holes in the code (like SQL inject vulnerabilities)