Get started for free Log in

Knowledge base

1000 FAQs, 500 tutorials and instructional videos. Here, there are only solutions!

Knowledge baseResolve an FTP / website block
Search

Resolve an FTP / website block

This guide explains why an FTP account (and most of the time Web Hosting as well) can suddenly become blocked.

 

Preamble

  • Infomaniak uses an antivirus solution on all shared servers to combat the sending of viruses via FTP and scripts.
  • The antivirus allows for the detection of:
    • potential FTP account hacks
    • the intentional or unintentional sending of files (WordPress themes, fraudulent modules, etc.) containing malicious code lines or inclusions

 

Detection of malicious file

The antivirus scans all files sent under 1 MB to prevent any upload of viruses / spam scripts / etc.

If a suspicious element is detected, the FTP account password is automatically changed and the incriminating files on the server are locked (FTPban).

The FTP server then sends the FTP client a message of the type

550 Virus Detected and Removed: botnet.infomaniak.5.UNOFFICIAL

or

550 Virus Detected and Removed: winnow.botnet.ff.trojans.15900.UNOFFICIAL

 

What to do if the account is blocked?

If your FTP account is suddenly blocked, you will receive an email; follow the procedure indicated in it to unlock the situation. In particular:

  • Clean your site and analyze what you wanted to send to the server.
  • Check if the web applications and CMS you use are up to date:
    • The cause of most hacks comes from a security deficit in outdated web applications or weak passwords.

 

Resolve the problem definitively

To prevent your site from being hacked and blocked again, perform the following actions:

In no case should you republish the same contaminated files on your hosting as the site would be blocked again.

  • Update the web applications (WordPress, Joomla, etc.) and extensions used.
  • Delete unused web applications.
  • Change the password of all your FTP accounts.
  • Change the passwords to access web applications (WordPress, Joomla, etc.).
  • Change the password of MySQL database users.
  • Delete MySQL database users that you are not using.
  • Use a different, complex password each time, with at least 8 characters.
  • Run a manual antivirus scan on your hosting.
  • Install and use an up-to-date antivirus (regardless of the operating system).
  • Refer to this other guide if you are looking for information on monitoring and resolving vulnerabilities in hosted scripts.

If your site does not work after cleaning, it may be necessary to replace some deleted files with healthy files.

If needed, local partners referenced by Infomaniak can handle these procedures: launch a free call for tenders; they take care of everything, freeing you from technical details.

Link to this FAQ:

https://faq.infomaniak.com/1302

Has this FAQ been helpful?