If your Magento site got hacked and marked by Google as malicious, Google will start showing a warning page to users visiting your website, and that clicking on any link can cause users to be infected with malicious software.
The situation is then very urgent and requires to immediately investigate the problem to protect visitors.How to minimize the impact?
- Take your site offline. Doing this will help you protect your visitors
- Change all your FTP/SFTP credentials
- Use secure site for Magento Admin Panel and customers account management
- Rename .htaccess and upload a copy from the original Magento package (use the same release version)
- Get a low-cost daily anti-malware scan from GeoTrust. Get more info - Buy it from us at discounted price.
- Rename the JS folder and request an On-demand scan to enable quick confirmation of clean site status
- If Geotrust reports no malware, then it is probably because JS files were infected.
- Ask a reputable web hosting company to transfer your files from the old server except the infected JS folder
- Upload the JS folder from the original Magento package (use the same release version)
- Make notes of all JS files from the infected JS folder that are not in the original JS folder
- Get the missing JS files (eg jQuery, lightbox) from the source
- Edit your hosts file and test your site before making the final switch.
add the following line to your hosts file: your_server_ip www.yourdomain.com yourdomain.com eg: 222.111.333.9 www.yourdomain.com yourdomain.com - Once done with tests, edit your name servers and wait for DNS to propagate
- Connect to Google Webmaster Tools and request review
- Upgrade Magento to the latest stable version (if your budget allows you this) . Contact us to get a quote
- Take extra measures to minimize the risk of future attacks (eg use Cloudflare.com)