If your website has been hacked and malicious content has been inserted into your files, you should clean them as soon as possible to prevent further damage to your hosting account.
Let's say that the following code has been inserted to some of your files:
<?php eval(base64_decode('malicious_code')); ?>
You have to search in all of your files for this string. You can search in your files using a local website building application such as Dreamweaver.
First you should download all files to your local PC using an FTP client.
Once you do this, you should use the search option in Dreamweaver and search for the malicious code. Delete it from the files and the issue will be resolved.
When the malicious code has been removed, you should upgrade all applications on your hosting account to their latest stable versions.
To ensure you are the only one who has access to your account, you should also:
1. Update your Antivirus software to the latest version. For Windows we recommend Norton Internet Security.
2. Run a complete antivirus scan on your local computer including all hard drives.
3. Ensure your Operating system (Windows, Linux or MacOS) is up-to-date and all security patches are applied.
4. Ensure your Internet connection is secure. If you are using wireless connection the only secure encryptions is wpa2. For more information contact your router vendor or ISP.
5. Change your cPanel password.
6. Change the passwords for your web applications backends.
7. Check our basic security guidelines and implement as many of the suggested solutions as possible.
