A hacker might not cause any noticeable damage when infiltrating your web server. You may not notice any change in performance or any loss of data.
But that doesn't mean everything is okay. A popular use of a compromised server is to distribute malware.
Malware is malicious software. It gets embedded into your website's pages and can infect any visitors to those sites.
Hackers do this by injecting malicious code into a database or into web page templates. Visitors get redirected to malicious sites, or inadvertently download trojans.
If an online antivirus tool detects a site hosting malware, it will blacklist the site by adding it to its database of malicious websites. Users of the same antivirus tools will see warnings when visiting the infected site.
Google also provides popular browsers, such as Chrome, Safari, and Firefox and Opera, with lists of malicious sites which it detects when crawling and indexing for its search engine. Browsers using their blacklists will block infected sites.
Being blacklisted in one of these ways destroys a site's reputation. Websites with a bad reputation will see a drop in visitor numbers. Search engines also stop indexing your site so it doesn't show up in search results. This seriously hurts profits.
You can check a website's reputation using VirusTotal.com or by navigating to the REPUTATION tab in Imunify360 or ImunifyAV for Plesk or ISPmanager.
Once the website has been cleaned up, you must remove it from blacklists as soon as possible.
Here's how to do it.
Unfortunately, there is no way to automate the process. You must manually apply to be removed (delisted) from blacklists. You do this by submitting your site to all of the antivirus vendors listed below.
Depending on the antivirus vendor, it can take up to one month for the process to complete.
Meanwhile, you must be certain your site is free from malware.
A site will only be whitelisted when:
- it is clean;
- you have submitted a report;
- the antivirus vendor approves the report;
- the antivirus vendor removes the domain from their database of malicious domains;
- the antivirus vendor releases an updated database to VirusTotal, or the end user updates their antivirus databases.
Here are the approved antivirus vendors that accept blacklist removal submissions, either as uploads or