Remove malware from my site
If the Website Security monitoring service detects compromises or vulnerabilities, it will alert you to an issue via email. In order for us to clean the site, you'll need to submit a malware removal request.
- Go to your GoDaddy product page.
- Under Website Security and Backups, select Manage next to the Website Security account you want to clean up.
- Near the top of the page, select Request Support.
- From the dropdown menu, select Malware or Blocklist Removal Request.
- Select your domain name, the issue you're having, and then select Submit Request.
Note: If you don't find an option in the drop-down list that describes your issue, please create a Website Security support ticket by selecting Back to Support > Product Support > New Ticket.
- The request form may ask you to add your Connection Type. The Website Security team uses this information to access your files and clean them. Since most hosts use FTP, enter your FTP information including FTP host, port, username, and password.
- cPanel customers: Find my FTP username for Linux Hosting
- Plesk customers: Find my FTP username in Windows Hosting
- Managed WordPress/Web Design Services (WDS) customers: use SFTP instead. See Upload files with SFTP on Managed WordPress hosting and use steps 1-5 to find your SFTP information.
- Select Submit Request.
The Website Security team may contact you for additional information if needed. To view your open tickets, see Get Website Security help. You’ll be emailed when the malware removal is complete.
Note: If your site is hosted with GoDaddy, an FTP user is created within your hosting server that begins with "SEC_". Don’t remove this user as it’s how Website Security accesses your files to clean them. Once the malware removal is complete, the user is automatically deleted.