Maxinames
Back to Security
SecurityUpdated

Malware Scanning and Removal

Confirm an infection, restore from a clean backup, manual cleanup with Imunify, and how to prevent reinfection.

If your site is infected with malware — defacement, redirects, injected spam, or backdoor scripts — act quickly. The longer you wait, the more your search rankings, email deliverability, and visitor trust degrade. Here is what to do.

Confirm the infection

Before assuming the worst, verify:

  • Check Google Safe Browsing for your domain.
  • Open your site in an incognito window and look for unexpected redirects, popup ads, or scripts.
  • Run a free scan at sitecheck.sucuri.net — it identifies most common infections.

Take the site offline (briefly)

While you clean up, prevent further damage:

  1. Sign in to cPanel.
  2. Use IP Blocker to block all but your own IP, or temporarily set the document root to a static "under maintenance" page.

Restore from a clean backup

The fastest fix for most infections is to restore from a backup taken before the compromise:

  1. Open cPanel → Backup Wizard.
  2. Choose Restore and select a backup from a date you are confident is clean.
  3. After restore, immediately:
    • Change every password (cPanel, email, FTP, database, CMS admin).
    • Update your CMS, themes, and plugins to the latest versions.
    • Remove any unused plugins or themes.

Manual cleanup

If you have no clean backup:

  1. Run a server-side scan (cPanel includes Imunify360 or ImunifyAV on most plans).
  2. Review the scan results — Imunify quarantines infected files and offers one-click cleanup.
  3. Inspect any modified core CMS files (compare with a fresh download).
  4. Check the database for injected scripts in posts, comments, and theme options.
  5. Re-enable the site only when scans come back clean.

Request expert cleanup

If the cleanup is too involved, our team offers a paid malware-removal service. Open a support ticket and we will quote and complete the cleanup.

Prevent reinfection

  • Keep your CMS, themes, and plugins fully up to date.
  • Use strong, unique passwords on every entry point.
  • Enable 2FA on all admin accounts.
  • Install a security plugin (Wordfence for WordPress).
  • Set up scheduled backups so a clean snapshot is always one click away.

Still need help?

Our support team replies to tickets around the clock.

Contact supportBrowse all articles

Related articles

Security

Account Security Best Practices

Strong passwords, 2FA, software updates, limited access, regular backups, and a workable incident plan — the security checklist.

Security

DDoS Protection Explained

What we mitigate automatically, when to add a CDN/WAF like Cloudflare, and what to do if your site is under active attack.

Technical Troubleshooting

Website Down? A Diagnostic Checklist

Step-by-step checks for an unreachable site: response codes, DNS, hosting status, application errors. Find the cause fast.