website affected by virus how to protect the websites infected

Dear Experts

We have hosted our websites on godaddy dedicated linux server and we use wordpress CMS for our websites, we have taken iptables security measures, but still the websites is infected by virus, please suggest how to protect the website getting affected by virus/spam etc.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jason C. LevineDon't talk to me.Commented:
btanExec ConsultantCommented:
First of, ensure the clean slate and readily patch state, Wordpress is just always buggy esp with the "so many" plugin it can support - good for user but bad for securing each. Have Wordpress scanner (WPScan @ be conducting the checks on the strict regime. of course we are saying the OS patch need to fixed readily too, do not neglect that. In fact, there is a Sucuri Security WordPress Security plugin is free to all WordPress users, it is a security toolset for security integrity monitoring, malware detection and security hardening. For info they have Surcuri Sitechecker online to scan the site if public accessible @

For the Iptables, it is godo as to if you identify the source of attack but it can be spoofed and always changing, so with iptables traditionally being logging basic entries to /var/log/messages. You will need specific logging to be noted in your firewall rules if you’d like to track and research traffic for those targeting your wordpress before enforcing into existing ruleset. This guide has been as broad one to harden the server but i do see it applicable in linux platform

Second, check out the web application with secure coding to ensure the regime of OWASP top 10 minimally has been closed or with mitigation measures, these are the common hole to drill into. The cheatsheet (e.g. Secure_Coding_Cheat_Sheet and Web_Application_Security_Testing) to better defend is useful @

Thirdly, explore a web app firewall (such as modsecurity or separate) - see the "Virtual_Patching_Cheat_Sheet" e.g. ModSecurity WAF in embedded mode or as reverse proxy @
I'm using this script, this is not protecting from attack but at least you got informed by email if files got changed, added or deleted.
You can use it on share hosting
btanExec ConsultantCommented:
it would have been on the host server rather than the page already and do change all account password at the same time, as mentioned consider running the online scanner as another verifying point.

e.g. Virus scan -, select the URL tab, and scan the site
e.g. CMS scanning it also check whether or not you have any outdated plugin or CMS running
e.g. Check for injected malicious Javascript (iFrame) into any of web server files. Can be less intuitive, but provides a good overview
e.g. More graphical in as compared to JSunpack, it is useful to see if any IDS signature was triggered as well as JavaScript and HTTP Transactions etc

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.