If your account has been compromised/hacked you should proceed with the following steps to secure/fix it.

1. You need to check if the script you use for your web site is up to date. You must update it to latest version. You need to contact your software vendor or web developer regarding steps how you can do the update.

2. You should scan your account for any files uploaded by the attacker under your public_html folder. They may upload php shells to be able to edit your files even after you update your software. Any files not uploaded by you must be removed from public_html.

3. You must change your password for cPanel to a hard to guess password. A hard to guess password is 7Bzh@!z;lP!@%Zdf.

4. You should scan your computer for viruses.

If your web site was attacked by MALWARE, you should follow the steps above and also remove the malware code injected into your files. The malware is a virus which usually resides within iframe html code. You need to check your files and remove the malware from the infected ones.

There is nothing else you need to do regarding this. If your account gets compromised again after you have updated your software, that means you missed to update/secure some script which was used to hack your account. You will need to recheck everything from scratch and see if you missed to update any modules/extensions you installed in your account. It is very important to keep your account up to date and secure.

Was this answer helpful? 98 Users Found This Useful (386 Votes)