E-Mail has been successfully sent.
FAQ #329
Artikel editieren
Artikel weiterleiten

Guide to unblocking your package

This article provides a step-by-step guide on what to do if your package was misused to send spam emails or malicious software and was blocked by the Abuse Department as a result.

Please be aware that we can only provide general information on how to clean up your web space at this point and do not deal with individual cases.

If you have received a written notification from the Abuse Department concerning a case of abuse, perform the following steps and then respond to the email to unblock your website.

Table of contents Table of contents

1. Clean the PC or laptop

The cause of the problem may actually be found on your PC or laptop, even if your web space is affected.

Use an anti-virus or anti-malware program to scan all PCs. The scan will recognise any viruses, Trojans, malicious software or key loggers that may be present. Proceed in the following order:

  1. Anti-virus/anti-malware program: Check your computer to see if it is infected by e.g. viruses, Trojans or other malicious software. The Federal Office for Information Security (BSI) explains what to look for when choosing a virus scanner.
  2. Remove the malicious software: Regularly run a scan to detect any viruses or Trojans on your computer or laptop. Immediately remove them if you find any.
  3. Change your local passwords: Change all the passwords on your computer. Make sure that you use strong passwords and never the same ones.

2. Change all passwords

You need to change all passwords as it is impossible to know whether someone has gained access to them. Create new, strong and above all different passwords for each STRATO access. In particular, they are the master password, the password for SFTP access and other access points for your packages.

These include:

  • Password for your STRATO Login (incl. the package login) and the master password
  • Password for each FTP access in your package
  • Database passwords
  • Passwords for your email addresses
Please note: You must change your master password to gain SFTP access and be able to remove corrupted files!

3. Clean up the web space

Please use SFTP access to have access to all files. Read this article for a step-by-step guide on how to connect with your web space using an SFTP program. Once you have successfully established a connection, you will see an overview of the folders and files in your web space.

Check whether there are folders and files in your web space that do not belong to your website and whether correct files have been changed. In this case, the last modified date of the files (for instance) can indicate whether malicious software or scripts have been injected onto your web space. But please bear in mind that the last modified date may also have been manipulated.

Remove all the files that you consider suspicious.

If you have already created a website backup without any corrupted files, we recommend that you delete the entire web space and then upload the non-corrupted backup. Run an anti-virus program before uploading your backup and select an older, non-corrupted backup if necessary.

STRATO Backup Control gives you access to a large number of your website backups from the last four weeks and scans each of them individually. You can therefore create a complete backup of your website files with just a few clicks.
You will have to create the backup yourself if you use a content management system like WordPress or Joomla.

4. Go to the STRATO Login area and start a web space scan

Once you have completed the above measures, start a web space scan in your Customer Login. The web space scan helps you to unblock your website by checking your web space for corrupted files. Your website will be unblocked automatically if the web space scan does not detect any remaining corrupted files. To perform the scan, click on Go to web space scan in your package overview:

Go to web space scan

Then click on Start web space scan:

Start web space scan

Take note: You can run a web space scan up to 10 times in 24 hours.

5. Update the content management system

After activation, please modify all passwords for accounts with administrative access to your content management system (such as Wordpress). Following that, please update the last version of your CMS.

In the event that we have restricted access to your package for security reasons, perform these steps once complete access is restored.

6. Preventive measures

  • If you use a CMS such as WordPress, Joomla or Typo3, always make sure it is the latest version and update the system accordingly. Older versions often contain security vulnerabilities.
  • Change your passwords regularly, at least once every year. Please use sophisticated and complex passwords, and use different passwords for different services.
  • Protect your web space. The free STRATO Siteguard enables you, for example, to disable SFTP access to your package so that no malware can be downloaded via this route.
  • Use encrypted transfer protocols like SFTP or SSH for connections to your web storage space.
  • Special plugins are available for some CMS like WordPress that make it difficult for attackers to inject malware or malicious code or even take control of your system. It is worth checking which plugins are available for your CMS and whether it would make sense to use them.
Was this article helpful?
Info: 364b24de2a6016c3dcd9ed855e8e3b7280bebcbe