This website uses cookies

Our website, platform and/or any sub domains use cookies to understand how you use our services, and to improve both your experience and our marketing relevance.

✨ Vultr and Linode are back on Cloudways! VIEW PLANS→

How to Remove Malware from Magento Ecommerce Store

Updated on December 24, 2021

5 Min Read

Magento Malware Scan

Malware is short for malicious software. This type of software is designed to gain entry into a system without the knowledge of the owner. Once present, a malware generally goes on to create chaos. It can target the infected system itself or it can hurt other systems too.

In this world of connected devices, malware attacks are becoming more common and the easiest way to target people is through websites. When it comes to websites, targeting stores with bad security is a favorite among cyber-criminals.

Generally, it happens because store owners ignore site upkeep once their ventures start to earn. They only get involved once a malware attack hits. As Magento is the most-used store-building solution, websites built on it are mostly targeted too.

In most cases, malware attacks on Magento stores are script-based and can be fixed in a few steps.

Scalable, Super Fast, & Secure Magento Hosting

Our Clients Love us because we never compromise on these features

So, in this article, I will teach you how you can remove malware from a Magento store.

Cleaning Malicious Script From Site

The first step to check and clean any malicious code on your site is to bring an experienced developer or solution partner on board.

Create Backup

Before making any changes to your site, you must create a backup of your site’s data and files.

Magento Malware Scan

Go to MageReport and start a Magento malware scan for your site in order to identify the unapplied patches for Magento core and to find the malware scripts present in your site.

Install Missing Patches

After the Magento malware scan, you should install all the patches the scanner has recommended. Once installed, you should your Magento site in a testing (non-production) environment. You can download Community Edition patches from here.

Note: If you are on Cloudways Magento commerce hosting, simply update your version as is shown in this Youtube video.

Remove Unknown Admin Account

An unknown Admin Account is like a ringing alarm. In most cases, it indicates the failure of your website’s security. You must remove such accounts immediately. Therefore, you need to login into your Magento store’s Admin Panel. Then, go to System → Permissions → Users and then remove all unknown accounts from it.

Once done, you need to protect your current admin accounts. So, you should change the passwords of all known admin and also change the admin ID to a unique name while avoiding IDs like administrator, root, admin, and so on.

(While you are at it, you should read what our CTO said about website security in one of his talks. The talk is about WordPress, but a lot of things he said to apply on all types of websites.)

remove unkown admin account

Review SSH & FTP Users

Once you have removed unauthorized admin accounts, you should check for other entry points. As a safety measure, review all SSH and FTP users and all users who are old, unused, and unknown. Change the passwords of all active users.

Unknown Javascript Code

Till this step, I taught how you can protect the entry points from malware infections. Now, I will discuss the steps you need to take for removing malware code from your Magento store.

Remove Code From Head

Navigate to System → Configuration → Design → HTML Head → Miscellaneous Scripts to remove unknown Javascript code. Remove all code excerpts except the ones you recognize.

remove code head

Remove Code From Footer

Navigate to System → Configuration → Design → Footer → Miscellaneous Scripts to remove unknown Javascript code. Remove the code that you suspect the most.

remove code footer


Once you are done with code clean-up, you should scan your site again using MageReport to verify that the malware is no longer present.

Secure Admin Panel

Once you have cleaned the Magento malware, you need to check the protection of the possible entry flaws. You should change the front name of Admin panel in order to secure it. Furthermore, verify that your site URLs (‘app/etc/local.xml’ and ‘var’) are not accessible publicly.

secure admin panel

For more protection, you can read our Magento security tips to keep your ecommerce store safe.

Remove Google Warnings

If Google has marked your site for having malicious code, then you can request for a review after cleaning your site. The entire procedure takes a few days. Search results and browser warnings are removed within 72 hours, once Google verifies that your site is now clean. For review requests, you can get a ton information from Google Developers site.

Suffering From Persistent Attacks?

The above method will help you in typical malware attacks. Sometimes, Javascript is the reason behind the attack on your file system. This may result in recurring malware attacks. Experienced developers and solution partners are required to deal with these type of complex attacks. Therefore, if you have the budget, create a site maintenance team for your Magento store.

Keep PCI Compliance in Check

The first and the foremost thing is to add a firewall to your ecommerce store. Here are some free Magento firewalls that you can add to your ecommerce store. However, it is still mandatory that you use HTTPS security by adding an SSL certificate to your store. Cloudways is one cloud hosting platform that offers free domain level SSL security for your store.
Finally, maintain a security policy for your ecommerce store. It should include regular backups, constant security monitoring, and hack-proof payment gateway integration to your website.

Keep Your Eyes Open

It is a lifetime process to protect your site from malware. Keep your Magento software updated and visit the Magento Security Center regularly. Remember, when it comes to malware attacks, prevention is better than cure.

Share your opinion in the comment section. COMMENT NOW

Share This Article

Abdur Rahman

Abdur Rahman is the Magento whizz at Cloudways. He is growth ambitious, and aims to learn & share information about Ecommerce & Magento Development through practice and experimentation. He loves to travel and explore new ideas whenever he finds time. Get in touch with him at [email protected]


Get Our Newsletter
Be the first to get the latest updates and tutorials.

Thankyou for Subscribing Us!


Webinar: How to Get 100% Scores on Core Web Vitals

Join Joe Williams & Aleksandar Savkovic on 29th of March, 2021.

Do you like what you read?

Get the Latest Updates

Share Your Feedback

Please insert Content

Thank you for your feedback!

Do you like what you read?

Get the Latest Updates

Share Your Feedback

Please insert Content

Thank you for your feedback!

Want to Experience the Cloudways Platform in Its Full Glory?

Take a FREE guided tour of Cloudways and see for yourself how easily you can manage your server & apps on the leading cloud-hosting platform.

Start my tour


  • 0


  • 0


  • 0


  • 0



For 4 Months &
40 Free Migrations

For 4 Months &
40 Free Migrations

Upgrade Now