Remove malware in Magento is very often task our team do for our customers. They usually call us in very urgent about malware and problem from malware in their magento site.
You know, ecommerce site must have the security very strick. If you meet the malware issue, you can’t imagine how much it will cost you to get the trust back from your customers. So that in this article I will show you how to remove malware in magento and prepare for future.
1. Daily backup – protect from malware risk
Before remove malware, even though you meet and not met malware yet, let ‘s set up a backup system so it can do the backup daily for you. So we can make sure in any situation, we can always get our old site back to work.
2. Scan server, hosting for malware detection
Let ‘s install Linux Malware Detect from https://www.rfxn.com/projects/linux-malware-detect/ to scan entire of your magento site.
After install, you just need to run this command line
maldet -a /your-magento-directory/
And remember to turn on monitor your magento direct to check every day or every time we have new files to make sure your files/folders are risk free.
3. Check third-party magento extensions
The magento extensions can meet some security problems so that don’t use any magento extension from unknown resource. At least, the magento extension provider must be a company who have big brand name or magento partner to make sure it ‘s safe.
Let ‘s remove all of unknown magento extensions.
4. Change all of password
The malware can attack you from key logger what will record your login detail via FTP/SSH … to upload malware to your site. So that even you remove all of them, it still have chance to upload again and again. You will never know if your current password are safe or not, so that let ‘s change all of them to make sure they safe.
Ok, let ‘s do 4 above steps and sit and wait if you problem come back