We get to deal with infected web sites on a daily basis and the most common question we get is how do we clean websites. What steps do we take? What should you do if you want to clean up your site if it gets infected?

This is part one of a small series of posts showing how to clean up sites. We will start with how to clean up “Pharma Hack” on a WordPress driven site due to the popularity. You can follow the series here: http://blog.sucuri.net/category/guides.

*Note that this post covers website clean up only (Mostly applicable to shared servers). If you have a dedicated server (or VPS), there are additional steps to secure it, not covered here.
**If the items contained in this post are more than you want to take on, we are here to help. Visit Sucuri or email us at support@sucuri.net

1- Detecting (discovering) that you are hacked

This is the most important step. Most people don’t realize they’ve been exploited, here are a couple things you can do to check your site:

Fire up Google and do a search for “site:yoursite.com”. Check to see if there are any strange titles or spammy results returned on your search. If you see Viagra, Cialis or any other flavor of medicine returned by Google on your search, you’re probably dealing with the Pharma Hack.

If you’re not sure after checking Google, use http://sitecheck.sucuri.net to run a scan. Type your domain name, and if it returns the Pharma Hack (or any other malware) you will see an alert:

Read More