Nexcess Logo

How to secure your compromised site

Knowledge Base Home

Notice anything different?

We've enhanced the appearance of our portal and we're working on updating screenshots. Things might look different, but the functionality remains the same.
October 28, 2022

Do you have a serious malware infection within your site and need guidance on how proceed? At Nexcess we're ready to help guide you through the process.

What to do when your site has been infected

If your site was infected with malware, these are the steps you need to take now.

The actions we describe below are listed from easiest to most complicated. If you’re unsure how to do any of these steps, please get in touch with our friendly support team by email or through your Nexcess Client Portal. They’re available 24/7 to help you.

Update your administrator user password

Update the admin user password for your CMS. In the dashboard of the application or CMS you use to manage your site, update the password for the admin users who can modify your site’s content and files.

If your site supports it, you may use the command line interface (CLI) to reset or update admin user credentials. This is an advanced method, and you’ll need more advanced knowledge of your CMS to make changes.

Review admin users

Check the list of your site's admin users (users with the role of Administrator or similar) to ensure you recognize them. Remove any admin users who shouldn’t have access to your site.

Update your application or CMS

Ensure that your application or CMS is updated to avoid unpatched software security vulnerabilities. Keep plugins and modules updated on the site. Those plugins or modules can be updated in your site's dashboard or the command line (CLI).

How to keep your WordPress site secured

The best practices for tightening up the security for your Magento are well documented in the following article: How to secure your WordPress site.

How to keep your Magento store secured

The best practices for tightening up the security for your Magento are well documented in the following article: How to improve the security of your Magento store.

Update your database user password

Update the database user password for your application and CMS and then update any application configuration files with that new database password.

If you need assistance with how to update the password of admin users or how to update your database user password, please get in touch with support.

Nexcess hosting

We’re here to help

Of course, we’re always here to discuss your options to clean up your site.

For 24-hour assistance, any day of the year, contact our support team by email at or through your Nexcess Client Portal.

Get fully managed hosting from Nexcess

Nexcess managed hosting offers you faster speeds, more robust security, inherent scalability, and trusted support. Once your website is ready to go live, consider our stellar hosting plans:

Related articles

Related articles


Nexcess, the premium hosting provider for WordPress, WooCommerce, and Magento, is optimized for your hosting needs. Nexcess provides a managed hosting infrastructure, curated tools, and a team of experts that make it easy to build, manage, and grow your business online. Serving SMBs and the designers, developers, and agencies who create for them, Nexcess has provided fully managed, high-performance cloud solutions for more than 22 years.

We use cookies to understand how you interact with our site, to personalize and streamline your experience, and to tailor advertising. By continuing to use our site, you accept our use of cookies and accept our Privacy Policy.