How to clean your web site and remove the Iframe Virus, Malware or src Virus injection?The attacker will change in mass all your index files and your home files. The format of this viruses is almost like this:
<iframe src="http://other_domain..." style="visibility: hidden;">
<img src="http://other_domain.../" style="visibility: hidden;">
Follow this steps:
1. Immediately change your FTP password
2. Login on your FTP account and order your files by date, the changed files will be on the top of list. Here is the target when you must check first iframe or src out of your domain, remove it and upload again your clean files.
3. Secures your FTP account, allow only your ip or a class of ip to can login using the firewall. In the Unix based OS if you have iptables enabled is very easy to do this using commands:
iptables -A INPUT -p tcp --dport 21 -s 220.127.116.11 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -s 18.104.22.168 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -s 22.214.171.124/255 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j DROP
This command will allow only 126.96.36.199, 188.8.131.52 ip to login and all 81.69.58 class.
4. Make sure you have right the security features on your server to prevent server attack
5. Check your OS with antispyware or anti trojans, is a lot of viruses in Windows which stole your FTP password from Cute FTP, Total Commander etc. and send it on the Internet!
6. If Google already find your virus or malware they will block your website, you must send to Google a request to recheck your web site here http://www.google.com/webmasters/tools
Clean Web Site script can help you to make fast checking and clean your site files !
This is a php based script malware remover using backup method. Clean Web Site script can help you to keep clean and safe your site files to prevent iframe insertion, src virus injection, malware, backdoor or other attacks which change your site files content.
HOW WORK ?
after you upload a fresh and clean site files you will make a backup files from Clean Web Site
Clean Web Site will check every 6 hours in cron job (you can set the interval from your cron job) if your site files is the same with the last backup made
if your site files was changed, remove or add other Clean Web Site will send you an email with status of your files changed as date of changing, old and new size
if this files was not changed by you after the last backup mean was changed by hacker, you must restore quickly your site files from the last clean backupWhat happen if you or you change files and don't make backup after changing ?
You will receive a message from Clean Web Site with status of your files changed and you will find your changing which is not made by hacker, so is not dangerous, you must make backup to have the last version of your site files.
Visit http://soft.saschart.com/ to take the Clean Web Site.