Compromised Websites Recovery
The steps to recover your websites.
1. Take your site down or put it into maintenance mode immediately.
2. Update the administrator users’ passwords to have at least 8 alphanumeric characters with a mix of capital letters, numbers and symbols.
3. Carefully inspect if any new administrator users have been added to the web application without your knowledge.
4. Upgrade all the installed web applications, such as WordPress, Joomla, Drupal, etc, inclusive of its third party themes, plugins, components, etc to the latest version.
5. Repeat the steps above to all the add-on domains and subdomains in the same account.
6. Update control panel account and FTP account passwords to form strong passwords, with each consisting of at least 8 alphanumeric characters coupled with special symbols.
7. Remove files and folders that are no longer in use.
8. Scan your computer using an up-to-date scanning program to identify any malicious code which might have been added by hackers. Be sure to scan all your content, not just text-based files as malicious content can often be embedded in images.
9. Restore clean files, and review the step from No.2 again.
10. Put the website back online.