General informations

How does the malware get on my website?

  • The FTP password was hacked (mostly via the local PC)
  • There is a security gap in the CMS (e.g. WordPress or Joomla) or their extensions / themes

I have received an email from checkdomain that a virus has been detected?

If a virus is detected by our virus scanner, we inform our customers by e-mail. A virus scan takes place once a night, in addition a PHP upload is checked for viruses.

Upload attempt: nothing really happened. Someone tried to upload malicious code, but our virus scanner prevented this. You should check whether there is possibly an upload option that can be exploited.

Virus discovery only by ClamAV (Further action: none): The virus was only confirmed by ClamAV, other virus scanners did not issue a warning. This may be a false alarm. The file is not moved to quarantine.

Virus found by ClamAV and others (More action: moved to): ClamAV and at least two other virus scanners have confirmed the virus. There is a high probability that it is malicious code. The file will be quarantined.

What does the malware do and how do I recognize it?

Under the following links you will find various plugins/programs for malware detection.

Examples of what malware does:

- Index files are manipulated, Javascript or PHP code is inserted at the end.

- Often the code is obfuscated in such a way that a human viewer can no longer understand what is happening there.

Example Javascript (outputs "hello world"):

.htaccess files are created to redirect to other pages.

Possible consequences for you and your website visitors

  • Malware is installed on your website visitors' computers
  • Phishing/Spamvertised Content ( hosted
  • Your webhosting package is misused for spam delivery
  • Attacks (DOS, Brute Force, etc.) are launched on other servers from your website.

Possible consequences of checkdomain

- Depending on the severity of the incident, it may lead to a partial or complete suspension of domain and/or webhosting package. For example, a partial block would only be the sending of email via PHP.

- Normally the customer will be informed in advance and given 24 hours to solve the problem.

- In particularly severe cases (extremely high server load, dispatch of several thousand emails in a short time) to protect our other customers.

- Sending spam can lead to blacklisting, high server load limits the complete scope of services.

Was this article helpful?

Thank you very much for your review!

Thank you very much for your review!

You have already rated this item.

Thank you for your time.

Do you require assistance?


Telephone support

Domains worldwide


  • .at
  • .ch
  • .de
  • .eu
  • .fr
  • .it
  • .nl
  • .uk
  • .es
  • .pl
  • .me
  • .li


  • .ae
  • .cn
  • .hk
  • .in
  • .io
  • .jp
  • .my
  • .la
  • .sg
  • .tw
  • .ps


  • .biz
  • .com
  • .info
  • .mobi
  • .net
  • .org
  • .travel
  • .xxx
  • .pro
  • .jobs
  • .name
  • .aero

New domain extensions

  • .online
  • .sale
  • .reise
  • .hotel
  • .xyz
  • .ruhr
  • .restaurant
  • .coupon
  • .video
  • .bayern
  • .berlin
  • .hamburg
  • .koeln
  • .london
  • .reisen
  • .saarland
  • .wien
  • .bio
  • .business
  • .events
  • .haus
  • .immo
  • .immobilien
  • .international
  • .versicherung

Companies that trust us

Other products you might be interested in

Concentrate fully on your project! Performance and security included.
Optimize your Web site and achieve top rankings.
Website optimization
SSL Certificates
For your site, more safety protect yourself from hacker attacks.
Quickly protect