What is malware?
Malware, short for malicious software, is a type of software designed to harm applications, computers, or networks. It often alters system files or creates new ones, which can result in the following issues on your website:
Slowing down or making your website unresponsive due to excessive use of server resources.
Redirecting your website (or specific pages) to other, often illegal, sites.
Causing various website errors.
Stealing sensitive information from your site, such as passwords or user data.
Malware is typically used for illegal purposes. To learn more, check out this video:
To provide more security insights for your website, our web and cloud hosting plans include a Malware Scanner—an automated tool integrated into the control panel that scans your site for harmful or compromised files.
How to analyze a website for malware
The Malware Scanner runs automatically, keeping you informed about your website’s security status and allowing you to take action if needed. To get started, navigate to Websites → Dashboard, find Malware Scanner in the left sidebar, and click on it.
If no malware is detected, this section will display the time since the last scan:
If the Malware Scanner detects suspicious files, it will show the number of cases found and a summary of the following information:
Discovered malware – The total number of harmful or compromised files found during the last scan.
Actions taken – If an assisted cleanup was performed, this section shows how many files were either removed or cleaned.
Malware timeline – A record of all malware detections from the past 30 days.
Show details – This expands a section displaying a list of compromised and malicious files and their locations.
What to do if malware is detected
If your website is infected, you have a few options:
Perform a manual cleanup
For WordPress websites, follow this guide: How to fix a WordPress site with malware.
For other website types, check your CMS official documentation or help forums; for further assistance, you can consider a freelance service such as Fiverr.
Restore your website – choose a date previous to the malware infection, then apply security measures to prevent reinfection.
Site cleanup service
If your website is built on WordPress and the domain is pointed to Hostinger, we can assist with the cleanup; just click the Request site cleanup button:
Review the information about the cleanup process, click Continue, and proceed with the payment. You'll receive an email notification once the cleanup is complete.
How to protect against malware
After removing the malware, it’s important to take steps to prevent future infections. We recommend the following:
Keep your website’s theme and plugins updated to the latest versions.
Use the latest PHP version available.
Only use licensed themes, plugins, or extensions, and uninstall any unlicensed ones.
Change the admin user passwords to strong, unique ones.
Update your antivirus software on your local device and run regular scans.
These security practices are recommended at all times, not just after an infection 🔒
Additional resources