Virus on website

My website shows
Reported Attack Page!
Linux server
PHP and html files

What do I do now ?
Plz advice
Who is Participating?
soulreaver1Connect With a Mentor Commented:
Some virus scanners analising php/html code to find possible viruses/danger code. Usually there isn't any virus, however somtimes some files on your site could be infected, example: .Do you have any log generated by this antivirus? It would be helpfull.
stephen_c01Connect With a Mentor Commented:
The last page that got hacked that i worked on, they modified the .htaccess and index.php/html and put redirect in there to the true virus site. The virus was never on the hacked site.
whspiderAuthor Commented:
How do I avoid this .............. i can't be monitoring this all the time
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

make sure you have secure passwords and if you do you probably have a bug in a script. The site i worked on was a bug in Joomla 1.0 to gain access.

Make sure you are running the latest version of any scripts or CMS.
Read antyvirus log and then find the reason.
Fadi SODAH (aka madunix)Chief Information Security Officer, CISA, CISSP, CFR, ICATE, MCSE, CCNA, CCNP, CCIP, SCSC and SCECommented:
at first, change all you application, system and FTP passwords.
analyse ftp logs: most problem is unsecured ftp clients, which save passwords in plain text. Often this user click "save pw" and local workstation viruses found it.
look and analyse .htaccess files for rewrites, delete or fix necessary lines.
after analysis of logs, your will see which info was changed. For example, most viruses add own body as <IFrame> directly in the end of php files. If you'll find it, simple delete with text editor, preserving php code structure.
whspiderAuthor Commented:
The iframe gets injected often eventhough i change the ftp passwords and all ,,, how do i avoid all that ?
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.