Home Malware How To Scan A Website For Malware And Fix Hacked Sites?

How To Scan A Website For Malware And Fix Hacked Sites?

53
0

How to Scan a Website for Malware and Fix Hacked Sites?

Google may blacklist your domain and remove your site from the search listings if your website gets infected with malware. With the correct software, compromised websites can be patched easily. Before your search rankings tank, here are the finest services to check and uninstall website malware.
There are various tools and services available for removing website malware that can search your website, isolate the infection, and delete it for good. Blacklist removal from Google and other domain blacklists is also provided by most businesses. Not every choice, however, is trustworthy, and some malware removal services can potentially put your site at increased risk of infection.

These services provide both emergency malware removal services and ongoing website security to safeguard against infections if you need to scan your website for malware or fix a hacked website immediately.

8 best website malware removal tools and services

Of the many website malware removal tools and services on the market, the best options to consider include:

  1. SiteGuarding Best all-around service to fix hacked sites
  2. Sucuri Great for small budgets
  3. Site24x7 Website, network, and applications monitor with strong user behavior monitoring.
  4. Wordfence Best for WordPress websites
  5. SiteLock Partnered with multiple hosting companies
  6. Comodo cWatch Offers free website malware removal
  7. Quttera THREATSIGN! Low-cost malware removal for multiple platforms
  8. Malcare Offers high-quality, free scanning for WordPress
  9. GoDaddy Provides a low-cost website security option

I didn’t know when a visitor told me she was getting strange pop-ups after hitting my home page when my technical website got infected with malware last year. I was not able to reproduce the problem on my own, so I dismissed it until some other users told me they had the same experience. Only after conducting a deeper-level malware scan on my site did I discover the threat.

Fortunately, I avoided any serious problems, but if you assume that your website has been hacked and malware is being served, the implications may be significant. Google will position your website on its blacklist and remove the search results from your site.

We investigated several dozen small and large malware removal services due to the severity of website malware, and then whittled our list down to seven trustworthy providers that can help fix hacked sites.

Criteria for a good website malware removal service

For website malware removal, you’ll want to opt for a service that meets most or all of the following criteria:

  • Has a good reputation
  • Offers scanning and removal at a reasonable cost
  • Provides dedicated Content Management System (CMS) plugins/extensions (for example, for WordPress, Joomla, or Drupal)
  • Can also work with multiple CMS and custom-coded sites
  • Provides a free scanning tool or service
  • Offers blacklist removal (Google at a minimum)
  • Capable of removing multiple forms of website hacking and malware
  • Offers multiple communication methods (phone, email, live chat)
  • Provides continued site protection and support after restoration, which includes a web application firewall (WAF) as well as regularly scheduled malware scanning and removal

Let’s explore each of these options in more detail below.

1. SiteGuarding

SiteGuarding is a website security company that provides a litany of specific services and features that make it a standout among the other solutions on our list, not to be confused with the similarly-named service (SiteGuard). For a long list of CMSs, the service maintains web security protection and offers both routine removals of malware and removal of emergency malware for when the website experiences a serious hack.

The business does not boast a lengthy list of name-branded customers such as Wordfence or Sucuri. Even, most reviews are overwhelmingly positive from different review aggregation sites. For half a dozen popular and lesser-used content management systems, it also provides plugins/extensions.

Notable features

  • Depending on what you use the service for, the list of features you get by SiteGuarding. You’ll get virus cleaning and backdoor removal if you sign up for malware removal (regular or emergency services). In 24 hours, the firm promises to clean up hacked websites. SiteGuarding practically advertises the removal of emergency malware in as little as 1-3 hours.
  • Malware removal is a one-time service with SiteGuarding rather than part of a subscription, as with other options on this list.The SiteGuarding malware removal program, in addition to cleaning your site, offers:Blacklist checking removal from multiple blacklists (Google, McAfee, Norton)
  • Core files check on up to 10,000 WordPress and Joomla CMS files
  • SQL injection prevention
  • Analysis of website backups and server logs
  • Website acceleration
  • Installation of security plugins (Portal plan only)
  • Website monitoring (Portal plan only)

The features you get will depend on which removal plan you purchase, with prices ranging from $49.95 to $200 USD for one site. Multisite malware removal will come with an additional cost.

SiteGuarding offers not just one, but five separate free website scanning tools. You can check your site against the company’s Outbound Link Scanner, Malware Scanner, Spam SEO Scanner, Blacklist Checker, and a Website Antivirus Scanner (requires installation onto your website as a PHP file). The company also offers a free security audit, which can be initiated over email or live chat.

The service’s free scanners are of questionable effectiveness, however, so we recommend using the free security audit instead.

Blog Package: Up to 1,000 WordPress CMS-checked core files, elimination of the backdoor, prevention of SQL injection, removal of blacklist (Google only), and a 30-day guarantee.

Standard Kit: All in the Blog Package, as well as up to 5,000 WordPress and Joomla CMS-checked core files, elimination of blacklists for Google, McAfee, and Norton, and security review on website backup server logs.

Company Kit: All in the Regular Package, as well as up to 10,000 tested core files, acceleration of the website, and a 60-day guarantee.

Portal Kit: All in the Business Package, as well as 10,000+ tested core files, installation of the security plugin as needed, complete website monitoring for three months, and a 90-day guarantee.

SiteGuarding provides website security plans similar to what is offered from the other businesses on the list if you are trying to expand your security benefits. Based on what you are searching for and the number of places you choose to cover, prices vary.

Prices start at $6.95 a month, with an option of $19.95 a month to delete malware from already hacked websites, secure the website with a web application firewall and other protection measures, and include unlimited removal of malware and hacking at least once a month in the future.

Website malware removal score – 8.5 out of 9

Based on our criteria, SiteGuarding receives 8.5 out of 9 for its website malware removal tool and service.

Pros:

  • Low cost for website hack repair and removal
  • An extensive list of features and services
  • Offers a separate emergency malware removal option
  • Provides comprehensive security protection subscriptions that include malware removal
  • Offers free security audits with methods to contact support
  • Offers a long list of major and minor CMS plugins/extensions

Cons:

  • Overcomplicated malware removal and website security options
  • Free scanners of questionable effectiveness
  • Emphasizes functionality with WordPress and Joomla over other CMSs

Comprehensive security protection:SiteGuarding advertises emergency malware removal in as little as 1–3 hours. Prices start at $6.95 per month for a basic package.

 

2. Sucuri

Sucuri is a well-known website security company offering a wide range of malware scanning and website malware removal services. This option comes with a high level of trust and a top-notch reputation, especially for those who rely on WordPress. It’s trusted by a few popular WordPress development companies, including wpbeginner, iThemes, and Yoast, and several major universities (Northwestern, Duke, New York, and George Washington).

This is not a good option if you’re just looking for a short-term fix for a hacked website, however. Sucuri will perform emergency fixes for hacked websites, but only through an annual subscription. That said, if you plan to increase your website’s security following a hack removal, Sucuri is a great option for both the emergency hack fix and for continued site protection.

Notable features

Sucuri is designed not just as a malware removal tool, but also a website performance enhancer. As such, if you have to fix a hacked website, it will serve your purpose but will extend those benefits to include regular malware scanning, a high-powered Web Application Filter (WAF), virtual patching and hardening, DDoS mitigation, and more. And unlike SiteLock, all of Sucuri’s subscription options offer unlimited page scans, making it a preferable option for larger enterprise websites and affiliate sites with a lot of pages.

Additional features include:

  • Blacklist removal and reputation monitoring
  • Stops zero-day malware
  • Blocks hacks and brute-force attacks
  • Provides an Intrusion Detection System (IDS)
  • SSL monitoring
  • File change detection
  • Utilizes a heuristic correlation engine (machine learning tool used to detect malicious activity across the network)

A free, external website scanning tool is also provided by Sucuri. You can use this to see if your website actually carries any malware that is easily detectable, which is especially useful if you think your website has been compromised and is now sending popups, redirects, or other user-facing incidents to users.

(Note that the external scanning tool from Sucuri is not a perfect solution, however, and can easily miss deeper-level risks. It’s a decent starting point, but if you think there is a serious hack that doesn’t appear in the free scan, immediately contact Sucuri.)

Not only does the free tool search for known external threats, but it also scans for blacklisting on your web.

We found Sucuri’s free scanner will send back some false information about security threats at times. For example, the tool incorrectly states my professional website does not include a redirect from HTTP to HTTPS (untrue) and that there’s no web application firewall (also untrue).

Pricing

The biggest downside to Sucuri is that it only offers annual subscription plans. If you’re just looking for an emergency website repair, you’ll be stuck with Sucuri for a year unless you utilize the 30-day money-back guarantee. That said, you’ll get a year of added protection against further threats, which may be worth it in the long run.

Unless you’re purchasing a custom plan for an enterprise with multiple websites, Sucuri offers three protection plans for most users:

  • Basic: $199/year
  • Pro: $299/year
  • Business: $499/year

The main difference between these options is how frequently its tool scans for threats. Basic offers website malware scans and other security scans every 12 hours; Pro, every 6 hours; and Business, every 30 minutes. An additional limitation for Basic is that it doesn’t include SSL certification protection.

Website malware removal score – 8 out of 9

Based on our criteria, Sucuri receives 8 out of 9 for its website malware removal tool and service.

Pros:

  • Highly-respected company and service
  • Effectively removes malware and offers extended protection
  • Unlimited malware removal and hack fixes
  • CMS plugins/extensions for WordPress and Joomla
  • Offers blacklist removal and reputation
  • Provides free, external website malware scanning tool
  • Lower cost than most competitors

Cons:

  • Only offers annual subscriptions
  • Only covers one website per subscription without an Enterprise plan

Lower cost than most competitors:Effectively removes malware and offers extended protection. Comes with a 30-day money-back guarantee so you can try it risk free.

 

3. Site24x7

Site24x7 has a distinct advantage to spot website security issues by being located outside the company network as a cloud service. The service looks at the delivery of websites and how visitors use them. Part of that activity includes identifying performance impairing interference and malware actions.

The Site24x7 strategy adopts a more contemporary delivery model, using a cloud platform rather than delivering software for installation. It also leaps ahead at looking at the vulnerabilities that hackers are exploiting today, rather than being dragged down by a traditional antivirus approach.

The big threat to websites is through all of the APIs and services that their coding now employs. The coding complexity of web pages creates opportunities for hackers. Site24x7 can scan these advanced programming threats and block them, so website visitors are protected.

Notable features

The list of features each customer can access in Site24x7 depends on the selected package. The service is available for free, but that includes fewer features. Each of the four progressively more expensive paid editions includes more features.

The Site24x7 feature that is of most interest from a cybersecurity perspective is the Website Defacement system. This is the main website malware protection service in Site24x7 and it is one of the advanced features that subscribers are allowed to select from a menu of services.

The tasks performed by the Website Defacement Monitor include:

  • Alerts to unauthorized addition or modification of HTML elements
  • Monitoring for hacked links and other quality issues
  • Identify changes in link sources
  • Security infringement alerts
  • Action to avert search engine results pages ranking downgrades
  • Hijack mitigation
  • Reputation protection and brand safeguards

The Website Defacement Monitor is available to subscribers of all paid editions of Site24x7.

Pricing

Site24x7 is charged for on a subscription basis. Customers can choose to pay for the service monthly or annually. Those who pay yearly get a lower rate on a per month basis than those on a monthly payment plan.

The four paid editions of Site24x7 are:

  • Starter: $108/year
  • Pro: $420/year
  • Classic: $1,068/year
  • Enterprise: $5.388/year

The difference between the plans lies in the number of services included in each. Advanced monitors available for selection with each edition are:

  • Web transaction monitor
  • Web page speed monitor
  • Website defacement monitor
  • Mail delivery monitor
  • FTP monitor
  • Application performance monitor
  • Advanced Windows Apps – Microsoft SharePoint, BizTalk, Active Directory, Failover Cluster, Hyper-V, SQL and Exchange Monitoring,

The number of advanced monitors for selection that are included in the price increases with the price of each edition.

The inclusion in the four editions are:

 Starter

  • Monitor up to 10 websites/servers
  • 1 advanced monitor
  • 5 network interfaces
  • 100K RUM pageviews
  • Tests from more than 90 locations
  • 50 SMS/Voice credits per month
  • Multiple user accounts
  • Third-party integration
  • Standard support

Pro

  • Monitor up to 40 websites/servers
  • 3 advanced monitors
  • 5 network interfaces
  • 200K RUM pageviews
  • Tests from more than 90 locations
  • 150 SMS/Voice credits per month
  • Multiple user accounts
  • Third-party integration
  • Premium support

Classic

  • Monitor up to 100 websites/servers
  • 5 advanced monitors
  • 10 network interfaces
  • 200K RUM pageviews
  • Tests from more than 90 locations
  • 250 SMS/voice credits per month
  • Multiple user accounts
  • Third-party integration
  • Premium support

Enterprise

Monitor up to 500 websites/servers

  • 25 advanced monitors
  • 100 network interfaces
  • 200K RUM pageviews
  • Tests from more than 90 locations
  • 500 SMS/voice credits per month
  • Multiple user accounts
  • Third-party integration
  • Premium support

Each plan can be augmented by extra features for a monthly fee. That is, a Standard plan can include more than one advanced feature, but will cost more.

Website malware removal score – 8.7 out of 9

 Based on our criteria, Site24x7 receives 8.7 out of 9 for its website malware protection service.

Pros:

  • Constant availability from a remote location
  • Image, script, anchor, iframe, link, and text defacement checks
  • Change integrity checks
  • Advanced web content integrity check
  • Intelligent baselining
  • Constant performance monitoring from more than 90 locations
  • Flexible pricing structure
  • Free version

Cons:

  • Top plan quite expensive
  • Doesn’t include network security protection

Advanced Website defacement protection:SiteGuarding advertises emergency with early detection of security issues, scans entire web page for hacked links, identifies HTML changes, starting at $9/mo.

4. Wordfence

Wordfence should be at the top of your list if your website runs on WordPress. Wordfence specializes in pages for WordPress (as you may have guessed by the name). Despite some previous features of websites running on other CMSs, including Joomla and Drupal, its current emphasis is solely on providing WordPress sites with security options.

The Wordfence WordPress plugin has been downloaded over 100 million times, and its service has been cited in major media outlets, including ArsTechnica, The Registry, BleepingComputer, and Threatpost.

Notable features

You can download Wordfence directly to your WordPress CMS as a plugin. The service offers real-time malware scanning, a firewall, and IP blacklisting. You’ll also get:

  • Two-factor authentication for your site
  • Country blacklisting
  • 24/7 premium support
  • Leaked password protection
  • Live traffic monitor
  • Core, theme, and plugin file repair
  • Manual blocking

Additionally, Wordfence offers immediate, one-time website hack removal and website cleaning for $179. The emergency malware removal option offers:

  • Malware removal and other website hack cleaning from an unlimited number of website pages
  • Analysis of security flaws that caused the website infection
  • Removal of malicious code and links from posts, comment sections, and website source code
  • An in-depth report of the investigation and removal process and a checklist for future hack prevention
  • Blacklist removal from over 20 search engines and anti-spam blacklisters, including Google, Bing, and Symantec
  • One year of Wordfence Premium

If you want to check your website for free with Wordfence, you’ll need to install the WordPress Plugin, create a free account, and then scan your site from your Wordfence account.

Free scans will not offer malware cleaning for sites already infected with malware, however. If you want to fix a hacked site you’ll need to sign up for Premium or use the one-time website hack removal.

Pricing

As mentioned, you have two options for Wordfence: emergency website hack removal or Wordfence Premium.

  • Wordfence Free (limited functionality)
  • Wordfence Premium: $99/year per website
  • Emergency Website Hack Removal: $179 (includes one year of Wordfence Premium)

You’ll need to opt for the emergency website cleaning option if you need hack removal. You can choose between Wordfence Free, both of which are feature-rich, and Wordfence Premium. For high-traffic locations, however, Wordfence Premium provides a greater advantage.

Wordfence Free: Provides endpoint protection, free version of malware signature updates (delayed 30 days), support for web application firewall (WAF), malware scanning, file repair, malicious connection and comment tests, and a live traffic control, among other advantages.

Wordfence Premium: All that comes with a free version, but adds real-time firewall protection, two-factor authentication, website blacklisting checks, and blacklisted IP and country requests that are blocked.

You’ll need to buy several licenses if you have multiple websites and want to sign up for Wordfence Premium. If you buy additional licenses, Wordfence offers a discount, and extra discounts if you buy multi-year subscriptions.

Website malware removal protection score – 7 out of 9

Based on our criteria, Wordfence receives a 7 out of 9 for its website malware removal tool and service.

Pros:

  • Highly-respected WordPress security tool
  • WordPress plugin
  • Low-cost subscription and emergency hack removal
  • Extensive features
  • Some free options
  • Free version available
  • Plugins/extensions available for multiples CMSs: WordPress, Joomla, Drupal, Magento, OpenCart, phpBB, and PrestaShop

Cons:

  • Limited to no functionality for websites outside of the WordPress CMS
  • Limited contact and support options

5. SiteLock

SiteLock is one of the market’s best-known website security providers, providing several plans and a wide range of features and services for those who need to uninstall website malware. For further site security against external threats, it is also a viable choice to consider. Some household names in different sectors, such as the Tennis Channel website, and partners with a few hosting companies (including HostGator and GoDaddy) have used the service to provide protection for websites.

Notable features

On most of our requirements for website malware elimination, SiteLock earns a passing grade. For WordPress, Joomla, Drupal, and other open-source content management systems, this service can search for and delete malware. You can install a dedicated plugin/extension for WordPress and Joomla that will run backend malware scans and help decide whether you have plugins, files, or other threats infected.

Outside of malware scanning and removal, SiteLock scans for:

  • Infected or vulnerable applications
  • Network port vulnerabilities
  • External redirects
  • SQL and XSS threats
  • Spam

SiteLock does not provide this as a separate, DIY method to search a website externally for risks, but there is a free risk assessment. With your name, phone number, email address, and website address, you will need to contact SiteLock directly. Setting up this involves waiting for a return call and talking to a live person, so if you need immediate removal of malware (for example, your hosting provider has deleted your website due to the extent of the malware or hack), it’s best to sign up for one of SiteLock’s malware removal and site restore options immediately.

Pricing

There are three pricing tiers to choose from if you need malware removal:

  • SecureStarter: $30/month
  • SecureSpeed: $50/month
  • SecureSite: $70/month

All three options perform automated scanning and removal of malware, but via SecureSpeed or SecureSite, SiteLock only provides full emergency website restoration, hack removal, and blacklist removal.

The main differences between these choices are the number of pages that can be scanned and the amount of extra protection that you get outside of the removal of malware.

SecureStarter: Good for removal of light malware but does not give the web application firewall of SiteLock (WAF). Up to 500 pages will be scanned once a day.

SecureSpeed: Can search up to 500 pages once a day, includes the WAF of SiteLock, and provides compromised websites with one-time site restoration.

SecureSite: Can reliably scan up to 2,500 pages. SecureSite offers unlimited hack repair and blacklist elimination, although subscribers to SecureSpeed only get this service once after signing up. Automated WordPress, Joomla, and Drupal patching, database testing, and database cleaning are also provided for this option.

Website malware removal score – 7 out of 9

Based on our criteria, SiteLock receives 7 out of 9 for its website malware removal service.

Pros:

  • Fast and trustworthy website malware removal and hack repair
  • Blacklist removal
  • Daily scans and regular malware removal after hack repairs
  • WordPress and Joomla plugins/extensions

Cons:

  • Pricier than most competitors
  • SecureSpeed option only includes one hack repair and blacklist removal. Using SiteLock for repeat hacks can be expensive
  • Requires monthly or yearly subscription to remove malware and repair a hacked site
  • An extremely limited number of page scans compared to other services

6. Quttera THREATSIGN!

As far as platform support is concerned, Quttera provides one of the most comprehensive solutions on the market. While the service offers the same amount of security and removal features as some of the top rivals, it also operates on a greater range of sites on the website than most other choices on the list.

For those who do not use the ever-popular WordPress CMS but instead opt for alternative platforms such as Drupal, Joomla, SharePoint, Magento, and others, Quttera is a noteworthy choice to consider.

Notable features

Quttera’s service for website malware removal provides a few key tools websites may need, including:

  • Detailed reporting
  • External link detection
  • Detection of PHP-based threats, including PHP malware and PHP shells
  • Unknown malware detection
  • Emergency website hack fixing
  • Blacklist monitoring for Google, Yahoo, and Bing
  • No page limit for scanning
  • Proprietary malware scanning tool
  • Uptime monitoring

There are no free options with Quttera. However, the service does offer a limited basic website malware scanning and removal tool for a low price ($10/month). There are a few other subscription options as well that offer a more inclusive removal and protection package.

Quttera’s Business plan provides a full suite of features, including:

  • Response time within 8 hours
  • Server-side malware scanning
  • Unlimited malware removal and hack repair
  • Manual malware removal
  • Full website auditing
  • Google, Yahoo, and McAfee blacklist removal
  • Web-based dashboard
  • External malware scanning
  • Web Application Firewall (WAF)
  • Virtual patching and website hardening
  • SSL certificate support

You can find a free option of Quttera’s tools if you look hard enough. For example, there’s a free WordPress plugin that provides free malware scanning and limited removal features.

For a small example of Quttera’s service, you can use its external malware scanning tool for free, as well.

Pricing

There are 5 subscription options available for Quttera THREATSIGN!:

  • Emergency: $249/year
  • Basic Subscription: $10/month
  • Economy Subscription: $149/year
  • Business Subscription: $179/year
  • Professional Subscription: $599/year

The Simple subscription only provides automatic removal of malware from the website, continuous testing, and virtual patching and WAF. And interestingly, the subscription to the Economy provides all but a WAF and virtual patching.

Through the Emergency or Business subscription for 1 site, or the Technical choice for up to 5 pages, you can find the best coverage. The main differences at that stage are the initial response times and the pace of scanning of external malware. If you need a quicker scan and reaction, choose Emergency.

Both plans have an initial response time of 12 hours and check via the Emergency Subscription at least once a day, and up to every 30 minutes.

Website malware removal score – 8 out of 9

Based on our criteria, Quttera THREATSIGN! receives an 8out of 9 for its website malware removal tool and service.

Pros:

  • Lower-cost than more well-known competitors
  • Wide website platform support
  • WordPress plugin available
  • Removal from multiple website blacklists

Cons:

  • Noted limitations with Basic and Economy subscriptions
  • Less reputable service with many complaints related to false positives

7. Comodo cWatch

Comodo’s cWatch is one of the only removal choices on the market for free website malware, making it one that is a little difficult to pass up if you’re searching for a fast fix. CWatch makes big promises, even with the free alternative, including the promise to uninstall website malware within 30 minutes.

The service was formerly named Site Inspector, but we were told by cWatch that all operations of the Web Inspector are now being forwarded to cWatch.

Notable features

A number of malware scanning and removal functions are marketed by Comodo. There are various security solutions designed to ensure the website is safe from potential attacks for those who want to keep the protection running after repairing a hacked site.

cWatch provides “incident management and remediation” (their term for malware removal for a hacked website). CWatch provides anomaly detection, tests for unpatched vulnerabilities, and offers a comprehensive WAF for those who sign up for the monthly subscription option.

Additional features include:

  • Checks for correlations between repeat events
  • Automatic incident alerts
  • SEO poisoning recovery
  • Persistent threat detection
  • CDN threat management and performance enhancement

Although technically, cWatch does not provide a free inspection, you can still use the external malware scanning tool of the free Site Inspector. Web Inspector has technically expired, as reported, but Comodo has yet to uninstall either the website or the free scanning tool of the Web Inspector.

To decide whether your website is blacklisted due to malware, whether your CMS has any threats that can be detected from an external scan, and if there are any content and HTTP security risks on your website, you can use the malware scanner

Pricing

With cWatch, you can repair website hacks using three different options:

  • Free. Basic: Free
  • Pro/Protection Complete: $9.90/month
  • $24.90/month Premium/Advanced Protection:

Comodo is one of the only solutions on the market offering free removal of malware from websites. Of course, there are some drawbacks to the free removal option, which includes minimal tech support, no WAF, no ongoing monitoring following the removal of the malware, and, most significantly, no removal of the website blacklist.

The choices for Pro/Complete Security and Premium/Advanced Protection vary mainly in the amount of hands-on assistance you can get from Comodo. The primary difference between the two is that you can contact a dedicated CSOC analyst at any time, monitor your firewall rules more, and reverse malware engineering with the Premium package. You’ll also get scans with Premium every four hours, vs Pro/Advanced Security every six hours.

Website malware removal score – 7 out of 9

Based on our criteria, Comodo cWatch receives 7 out of 9 for its website malware removal tool and service.

Pros:

  • Free website malware removal option
  • Low cost extended malware scanning and protection plans
  • Fast customer service response
  • Blacklist removal with paid options
  • Extensive WAF with paid options
  • Hands-on support with Premium plan

Cons:

  • Less reputable and less commonly recommended by top-level sites and services
  • No website blacklist removal with the free option
  • No WordPress or Joomla plugins

8. Malcare

It is probably better to think of Malcare as a direct competitor to Wordfence. Built specifically for WordPress CMS websites, Malcare provides a plugin and service to repair hacked WordPress sites and retain ongoing security.

While servicing only WordPress sites is definitely a limitation, some pretty big names, like Yoast, Adobe, and Intel, have used Malcare and are trusted. The company already boasts of getting its service covered by 20,000+ pages.

Notable features

If you just need emergency malware removal, Malcare offers a one-time hacked website fix that includes:

  • Malware scanning and removal
  • Dedicated security analyst review
  • A detailed report on findings and actions taken
  • WordPress hardening
  • Login protection

Those who need added protection may want to consider the subscription-based option. Malcare provides a long list of features here, to include fast and automated malware removal, daily scanning, and a user-friendly dashboard with extensive site stats.

The subscription-based website security service also offers:

  • A comprehensive WAF
  • Protection from known vulnerabilities
  • Website hardening, including updated security keys
  • Automatically disable unwarranted plugin installations
  • Prevent file editing
  • Alerts for suspicious logins
  • CAPTCHA logins
  • IP blocking
  • Automatic implementation of other WordPress-recommended security recommendations

Unfortunately, Malcare doesn’t appear to offer blacklist removal from Google or other blacklisting sites, neither in its emergency malware removal service or its subscription-based website protection plans.

Finally, there’s a free scanning tool available from Malcare. You’ll need to install the Malcare plugin to your WordPress site in order to perform the scan.

Pricing

Malcare offers three security packages, as well as a (rather pricey) emergency malware cleanup service.

  • Emergency Malware Removal: $249
  • Basic Subscription: $8.25/month
  • Plus Subscription: $12.41/month
  • Advanced Subscription: $20.75/month

The service makes a rather bold promise: If it fails to remove your website malware, the company will refund you three times the amount you paid for removal.

Website malware removal score – 6.5 out of 9

Based on our criteria, Malcare receives 6.5 out of 9 for its website malware removal tool and service.

Pros:

  • Effective free malware scanner
  • Low-cost website protection and malware scanning
  • Well-respected and trusted service
  • High-quality WordPress plugin

Cons:

  • No website blacklist removal
  • Expensive emergency malware removal service
  • Only works with WordPress

9. GoDaddy

Thanks to its very scandalous TV commercials, GoDaddy became a household name in the early 2000s. The business has since moved on and is one of the world’s most-used website hosting companies. It now offers other services for the website, including the removal of emergency malware.

Notable features

GoDaddy doesn’t offer many details about how its Express Malware Removal service works. The company promises its technicians will get started reviewing your site’s security and infection status within 30 minutes but doesn’t tell you how long full malware removal will take.

Beyond that, GoDaddy states the service comes with:

  • Continued protection for one year
  • A web application firewall (WAF)
  • Removal of any other malware during your year-long subscription
  • Google blacklist removal
  • Malware scanning alerts
  • Functionality with almost any CMS and custom-coded site
  • 24/7 customer service

There’s no free scanning tool or free audit with GoDaddy. You’ll need to purchase the Express Malware Removal service in order to scan your website for malware and other threats if you opt for this service.

Pricing

GoDaddy offers just one website malware removal option:

The company will auto-renew this service for $299.99 per year, so we recommend canceling it before the year is up to avoid being charged.

We recommend that you cancel your year-long malware removal subscription because the company also offers a $5.59 per year Website Security subscription plan. This service is advertised to stop hacks before they happen, but if they do occur, it can be used to remove malware infections. GoDaddy will, however, only let you sign up for it before and not after a website hack.

As such, if you’re acting after the fact, removing website hacks with GoDaddy can be very costly, but if you pre-emptively sign up for its subscription-based website security service and get a hack afterwards, it’s cheap to remove malware.

Under GoDaddy’s Website Security service, there are three subscription options:

Essential: Offers a 12-hour response time, monitoring and removal of the Google blacklist, and unlimited removal of malware and hack repair.

Deluxe: Provides all of the above, plus prevention of WAF malware, CDN performance accelerator, and mitigation of DDoS.

Ultimate: Offers everything from Deluxe, but with a reaction time of six hours and backup and restoration of the website.

Website malware removal score – 6.5 out of 9

Based on our criteria, GoDaddy receives 6.5 out of 9 for its website malware removal service.

Pros:

  • Well-known service
  • Offers emergency malware removal
  • Provides blacklist removal
  • Works with most CMS and custom-coded sites
  • Multiple forms of support contacts

Cons:

  • No dedicated CMS plugins
  • Expensive for emergency malware removal
  • No free site scanning options
  • Mixed reputation despite the well-known name

What to do if your website is infected with malware

You’ll need to do the following to remove website malware and recover from a website hack:

  1. To evaluate the issue, conduct an official scan of your website
  2. Isolate where on your website the issues are
  3. Using dedicated malware removal tools or services, remove the malware
  4. If necessary, perform backups of pages and files
  5. Enhance the protection of websites to guard against more infections
  6. Alert users of your website if malware steals user data
  7. Alert your local authorities or the FTC if there has been a data breach that has led to compromised consumer data.
  8. Check to see whether the SEO rankings of your website have been negatively affected
  9. Requesting to be removed from domain blacklists if necessary

Below, we’ll outline everything you need to understand why your website might have been infected, how to scan for malware on a website, and what you can do to prevent future infections of the website.

How did my website get infected?

According to SiteLock, around 18.5 million websites are infected with malware at any given time. Meanwhile, over 70 percent of websites contain critical vulnerabilities. For most websites, and especially smaller sites without hefty enterprise security budgets, it’s less an issue of “if” your website will get infected or hacked, but “when.”

A website can get infected in many common ways:

  1. Malware from SEO spam (spamdexing)
  2. Defacement Over
  3. Website misconfiguration
  4. You or your web developer (usually in the form of plugins or templates in your CMS, such as WordPress or Joomla!) have installed infected files on the website.
  5. By using cross-site scripting (XSS) attacks, the manipulation of insecure scripts on your site
  6. Brute-force Weak Password Attacks
  7. Interception over FTP or HTTP
  8. Weak protection of your server (often out of your reach if you use managed services)
  9. Backdoors left behind by unscrupulous internet developers

There are also several other threat vectors. However, contending with website malware can be a problem regardless of how a website gets infected. Your Google page rankings will crash to the ground if even one page on your website gets corrupted or hacked, affecting your SEO ROI significantly and negatively.

Google and other businesses are also known to blacklist websites infected with viruses, and an especially bad infection may even cause Google to fully delete your website from its search results.

How do I scan a hacked website?

There are three ways to search for malware from a compromised website:

  • Using a malware detection tool from a free website
  • Install a plugin to check for backend malware on your CMS
  • Use a service that provides scanning of free or paid website malware

From there, you will have to determine whether there is an issue that needs immediate resolution. You’re probably not infected if no scans find a problem. Remember, however, that free, external scans may be unreliable, so it’s better to pay for a more thorough internal scan if you’re still getting complaints from website users regarding issues such as popups and redirects.

How do I fix a hacked website?

To make the removal of malware from a website much easier, various tools and services exist. If you use one, certain tools can be installed directly on your Content Management System (CMS) (such as WordPress or Joomla). Others act as protections for server-site endpoints.

Services that clear up these malware infections on the website can hire security professionals to fix the issue and then set up a software solution to help prevent further infections. To do the brunt of the work, others will rely solely on automated software and only deploy security professionals in unique cases.

Website owners may do this themselves, as Sucuri says, but unless you’re a professional programmer, if you find anything, you’re unlikely to know what to look for and might not know how to fix the issue. In terms of how much time you put into trying to fix it yourself, a DIY approach can also be expensive.

To find and uninstall malware from your website, we suggest you use a professional service. Using a trusted managed service can help avoid any serious consequences associated with the deletion of incorrect files and the absence of significant or critical security flaws and infections.

Common website security weaknesses

If you’ve recovered from a website hack, your next step is going to be to shore up your website’s weak spots. Here are a few areas to consider to help avoid getting additional website malware.

Password protection

For hackers, poor admin passwords make it easy to gain access to your backend. If you’re running WordPress, if you haven’t already, we strongly recommend that you install Jetpack. This plugin will provide valuable stats for the web, but will also help discourage attempts to login maliciously.

Make sure you have good passwords as well. WordPress generates strong passwords for new user accounts automatically, so make sure that strong passwords are still used by any editors, authors, contributors or anyone who have password access to your WordPress site.

FTP and HTTP/HTTPS

When it comes to FTP and HTTP interception, stop logging in over public wifi to your site’s FTP, and make sure that HTTPS is used instead of HTTP for any sites you visit or enter personal information. Beware of any alerts you might receive that warn of potentially malicious websites or links from Google or your personal antivirus program.

Additionally, update your site to use SSL encryption if you have not done so (HTTPS). This will not only help your Google rankings, but SSL encryption helps deter attempts at site hacking.

Unfortunately, you can’t do too much about poor server safety if you’re using managed services and not running your own web server for your website. You will want to suggest using only reputable web hosting companies, however. For web developers you contract with to work on your website, the same goes. Not everybody is trustworthy, so you’ll want to ensure you have a strong reputation and checked past work with any developers or production companies you use.

Infected plugins on WordPress or Joomla

Your main concern would be cross-site scripting and corrupted plugins from your CMS if you are running and maintaining a website on your own or with a small team.

Not all problems with your website will be due to viruses or other malware. In reality, if you think your site might be broken due to an infection or malware, because of an obsolete plugin, or a dispute between two or more incompatible plugins, there’s a good chance it’s actually broken. Nevertheless, malware-infected plugins do exist in abundance in many CMS environments, especially in WordPress.

There are several WordPress plugins out there, ironically enough, designed to search the other WordPress plugins for malware. Many of these malware-scanning plugins bear viruses themselves, we suspect. Simply put, in other plugins, don’t install an unvetted plugin intended to root out malware. Just install plugins that are checked, trusted, and modified.

Script vulnerabilities

Scripts are also known as the web’s backbone and are part of what helps to make websites interactive. They also allow the interaction of various websites with each other. The interactivity, however, can also create vulnerabilities, particularly if the script itself is hijacked or maliciously crafted.

A hijacked script will allow hackers, as long as the vulnerability is known, to inject malicious code into one or more websites at the same time.

It’s also likely that your website runs multiple scripts that give your site and visitors partial access to other pages. If those scripts are malicious or are used to send malicious code to your website, before you find out where the problem is and delete it, you may not be able to do anything about it.

Notably, even if your website is not hosting the malware, if the script is a known source of malicious attacks, Google may still tag your site as hosting malware and blacklist you.  

Infected tags

Your site can even contain tags that, without your knowledge, serve up malware. Typically, a website tag is a piece of Javascript code kept inside its own container and is typically there to collect and submit information. Tags are useful for Google rankings, but can be used maliciously as well.

Google scans the containers containing these tags, and, according to the company, a tag that points to a malicious website will not fire (the tag will not do what it’s supposed to do). This can have deleterious effects on the Google page ranking of your website, as malicious tags can inject unwanted redirects of URLs and URLs, popup advertisements, window search bars or side-search bars, and can significantly slow down page loading speeds (another page ranking factor).

You’ll get an email about infected tags if you’re using Google Tag Manager, but even if you’re not, your site can get flagged for malware and you might not know it until either a user alerts you to any of the above issues (such as powerful popups) or you notice malware turning up in scans of website malware.