Malware and how do you protect your website of it

Malware and how do you protect your website of it

Malware known as Malicious Software, which cause penetration to the computer or mobile device without owners authority and  which harm your computer anyway in form of viruses Trojan horses, Spy ware, Worms, Scam ware, Ad ware, Ransom ware, Shareware, browser hijackers, Roots kits etc.


Malware passes through spam, infected websites and emails etc and collect personal information steal financial details and other personal identity. The information then gathered can hijacked by any other computer and the computer functioning can be controlled through other computer.

Some of Malware are very risky then others they may cause your computer slow down and not responding along with this they may damage your files and folders.


Generally if your site has been infected by any type of Malware then you will get the message of “reported attack site”.

If you are receiving this message then sign up to your Google Webmaster Tools account, choose your website and view the account.


The Dashboard appears on your screen, at the bottom of drop down menu click on the Lab button and then clicks on the link called “Malware Details” now you are able to check any Malware on your website exposed by Google, if there is no malware in your website then you will get a message that “Google has not detected any malware on this site, if you will not receive the message then you will need to identify and clean the site.


For cleaning your sites don’t forget that malware could take the form of any invisible frame and Obfuscated Code.


Now the question arise in your mind that how to identify them:

Iframe (Invisible Frame):

Iframe is a malware virus that infects the web pages of your website.

To recognize your site for Iframe, look at the code of all pages including frame with specification width = “0” and height = “0” and then remove such pages. Look over all your web pages don’t leave any of them.


Obfuscated Code:

This code is a machine or source code that is difficult to understand by the human beings. Not all obfuscated code are significant but if you understand the coding of your site and see any code that is impossible to understand, this indicate the attack of malware in you website.


If you don’t understand the coding then refer your site to the person who wrote it (your Website Developer) or one who understand the code.


If you find any attack onto your site or if your site has been hacked and discovered Iframe and Obfuscated code then make the site offline and delete all vengeful codes on time.


After cleaning the site you can make request of reviewing again in Google through Web Master Tool.






Your website is running of a content management system . Many CMS platforms are easy target for hackers. To avoid such hacking don’t forget to update your system plugins and themes. Many CMS solution update files automatically try to choose them.





Most of malware are unnoticed because of their evasive nature. Website scanning software helps to scan the website and easily find out the malware and other harmful codes damaging your website and notify you about any threat. There are number of tools or software automatically removes the harmful codes and malware from the website.




Even now also peoples are using weak passwords, now the question arise that what is strong password. Strong password is one contain more than 8 character, no dictationary word, have to be mixture of uppercase and lowercase and include digits and special characters. Remember to change your password frequently.




Never disclose your admin pages. Use robots_txt file to prevent search engine from listing them.


For transferring users’ personal information between the website and your database use an encrypted SSL. This will help to prevent and secure the information or output being read in transit and access without proper authority.