When somebody embeds an nasty iframe, uploads a virus or compromises your web site’s security in any other form or fashion, they do not want to be caught.  So like the classic detective, you have to get out your magnifying glass and get ready to hunt for code, files and folders that do not belong on your web hosting account.

Find Files and Folders that Do Not Belong

Remember that old childhood game of figuring out, which one of these does not belong with the others?

Search through your web site files and folders to make sure that you don’t have anything that is strange or alien in there.  Look for files that are not apart of scripts you have installed, or that may have odd names.  Your web host will be able to tell you what files are safe to delete and which files are an important part of your web hosting account.

Try to view the source code of your web pages too, and look for anything that does not look familiar or is related to the problems you are having.  For example, many iframe injection attacks will attach the iframe code to the bottom of your web site files.

Make Sure Your Permissions are in Check

You should also check to make sure your file and folder permissions are in check.  Folders should be set no higher than 755, and files should be set to 644. You can check or change folder and file permissions through your web host’s file manager or through most modern FTP programs.

Now, for those of you who say this sounds like a lot of busy work, I have a special tip to share.  If you have a recent backup of your hosting account files, you can compare it with the files and folders on your hosting account to see which ones do not match up.  Also, depending on when your web site was infected, your web host may be able to restore your web site from and older back they have too.