Website has been compromised (how to prevent it)

If your account suspended for:
- spamming;
- cpu overload (associated with php/cgi script abuse);
- malware;
- phishing activity
Please follow these steps to ensure website security in the future:
  1. Scan your personal computer with latest Antivirus software. We do recommend Kaspersky Internet Security 2013. Please remember: the most important part is not finding a virus, but to resolve vulnerability issues.
  2. If computer is clean, please generate full site backup via cPanel > Backup. Backup must be downloaded to personal computer then removed off the server via file manager or FTP. You should also download all static files via FTP and make separate MySQL backup.
  3. Please submit support ticket to for username change. We will change username and also update site password.
  4. As soon as you receive new username and password, please remove all content from public_html folder. Please DO NOT REMOVE public_html folder. You need to remove all content inside public_html folder, folder by folder except system cgi-bin directory.
  5. Now you need to reinstall all scripts. Please visit your script vendor, download newly released versions then install it. If you didn't have any php or cgi scripts installed (only html pages), you would have to open all pages via File Manager > Editor or via FTP program then remove malicious code manually.
  6. Please make sure that you set correct permissions on files and folders. Config files must be chmoded to 400 (after you done modifications), all php, images, html pages: 644, folders and .perl /cgi scripts: 755.
  7. Please make sure that your backend protected via "cPanel > Password protected directory".
  8. Please change username for backend via cPanel > PHPMyAdmin. Most installers recommend username "admin" or something similar. Good username should be set to something harder to guess, for example, s7d8q13
  9. Passwords must be set via password generator tool provided by cPanel and WHM. Even if you install Wordpress Blog, you still have to use strong password. DO NOT save passwords within browsers!
  10. Always use secure cPanel channels, for example, https://serverid:2083 (where is "serverid" - your server ID with JNS Host).
  11. Keep your Antivirus updated, make sure that you have no vulnerabilities (especially associated with Java, Google Chrome, Internet Explore, Outlook and Adobe products).
  12. Generate then download own backups at least once per month! Backups must be stored on personal computer. JNS Host isn't responsible for any data residing on servers. While we maintain automatic weekly and offsite monthly backups, we cannot guarantee availability of backups.
  13. Keep an eye on public_html folder activity. If you noticed something weird, for example, new folder, please do not remove it! You have to go through all steps written in this article.


If you have any questions regarding site security or wish to add helpful tips to this article, please contact us via
  • 2 Users Found This Useful
Was this answer helpful?

Related Articles

Fatal error: Class 'PDO' not found

My website is showing "Fatal error: Class 'PDO' not found" Please edit php.ini file....

Error: Warning: ini_set has been disabled for security reasons

If you received "Warning: ini_set() has been disabled for security reasons" during script install...

Fatal error: Incompatible file format

Issue: when you visit website, it shows similar error: "Fatal error: Incompatible file format:...

ionCube PHP Loader error on website after PHP upgrade (from php 5.3.x to php 5.4.x)

Issue: When you access website via web browser, it produces similar error: "Site error: the...

It is not safe to rely on the system's timezone settings (how to fix it)

Occasionally, you may receive following warning on main page (especially, Joomla): Warning:...

Powered by WHMCompleteSolution