How does GoDaddy Express Malware Removal work to clean malware?

7 min read
Hugo Organista

Malicious software, also known as malware, is becoming increasingly popular, with an estimated 1 million new malware threats being released every single day. Infecting a website with malware provides a hacker or a cybercriminal access to sensitive data, and can prove to be costly and damaging to both large- and small-sized businesses. It can be a daunting task to clean malware, especially for a smaller business.

clean malware example
Back in 2014, was flagged by Google, displaying the above malware example.

Malware attacks have the potential to leave even a larger business with a crippled online presence that can take days or weeks to recover from. The aftermath of a malware attack can be time-consuming for webmasters who are left to find, delete and clean malware on an infected website.

Business websites can also suffer from being blacklisted on search engines like Google.

This will cause a big red message to display, alerting visitors to stay away. A message like this can be alarming and turn away profits from potential customers to the business website. In such cases, having a proper service to clean malware becomes a top priority. Warnings like these will stay visible on the infected site until the site owner has completed a full malware cleanup.

Where does malware come from and how does it infect?

The early developments of malware were created to deface and vandalize websites, sometimes as a prank. Today, malware is being created and distributed by organized cybercrime groups and individuals.

Targeting vulnerable website platforms

Many malware attacks target vulnerabilities in application-based platforms like Joomla!, Magento and WordPress — the most popular content management system (CMS).

The CMS of choice for today’s businesses, WordPress is also one of the most targeted and vulnerable applications for malware attacks for various reasons.


Content management systems, such as WordPress, require security updates to both core software and installed plugins and extensions (most of which are created by third-party developers). Too often, busy business owners with limited technical resources neglect to perform necessary updates and patches, leaving their websites ripe for a malware attack.

Hackers can infect vulnerable websites with malware that does all sorts of bad stuff, including:

  • redirects website traffic to other sites.
  • corrupts and destroys databases.
  • runs rogue and undetectable spam or fraudulent email blast campaigns.

Malware + brute force attacks

Brute force attacks are another common way malware can infiltrate a website.

Using this method, a script or bug can target the login screen of a CMS’s administrative panel, entering every imaginable username and password combination until it is eventually granted access. Too often, these attacks are detected after the damage has been done.

Detecting malware

If you’re not sure if your site has been infected with malware, you can use Google’s free Safe Browsing Site Status Report that will scan your site for signs of an infection.

If you are an advanced web developer and are comfortable looking into your website’s files, you can also check the most common files for infection: .htaccess, WordPress core files (file names usually begin with “wp-“) and any file names that you do not recognize. Typically, malware is encoded in Base64 format.

Another option for detecting malware is to sign up for GoDaddy Website Security. All packages offer unlimited malware scans and removal, plus identification of blacklisting issues that could prevent you from being found on Google. This no-hassle protection makes it easy to keep your site clean and secure — without the need for combing through web files on your own.

godaddy malware cleanup infographic

Delete malware on your site

It’s incredibly difficult to clean malware by hand. Unless you’ve spent countless hours scrubbing sites before, the technical aspect might be too much for the average small business owner. The good news is, there’s an easier way. There are other automated solutions, like GoDaddy Express Malware Removal, that take care of the legwork for you. All you need to do is provide us with a little bit of information, and we’ll get to work. We won’t stop until it’s clean, so you can rest assured your site will be up and running in no time.

Steps for using GoDaddy Express Malware Removal to clean malware

  1. Purchase GoDaddy’s Express Malware Removal.

  2. Go to My Products and select Website Security.

  3. Enter the domain name of the infected site.

  4. Click Request Cleanup.

  5. Note the malware problems you’re experiencing.

  6. Provide your FTP or sFTP credentials.

  7. Submit your request.

1. Purchase GoDaddy Express Malware Removal

Visit GoDaddy to purchase Express Malware Removal. With an expedited, 30-minute response time, your site will be fixed in no time.

2. Go to My Products and select Website Security

Once you’ve purchased Express Malware Removal, the product will appear in your account. Navigate to your account, view your products, and then click on Website Security. Click Setup for Website Security Express.

3. Enter the domain name of the infected site

Type in the domain name of the site in question. Then, click Get Started with Website Security.

clean malware get started

4. Click Request Cleanup

After entering the domain, you will be prompted to request a cleanup. Do so by clicking on the Request Cleanup button.

malware cleanup request

5. Note the malware problems you’re experiencing

It’s possible that you could be dealing with more than one instance of malware. Check the boxes next to all possible issues.

delete malware issues

6. Provide your FTP or sFTP credentials

Our team will use this information to access your files. These credentials are necessary for us to delete malware and clean your site.

delete malware ftp

7. Submit your request

That’s it! Click the Submit Request button, and you’re done. You can monitor the status of your request from the Cleanup tab within your account.

malware cleanup monitoring

Best practices for keeping malware off your website in the future

After your Express Malware Removal has been completed, follow these basic and simple tips to keep your website secure:

  • Update your core files, themes and plugins within your CMS regularly to stay on top of any changes or vulnerabilities.
  • Install an SSL certificate to help protect your visitors’ sensitive data.
  • Install a Web Application Firewall (WAF) for proactive malware protection.
  • Run scheduled malware scans with GoDaddy Website Security, powered by Sucuri.
  • Keep installed plugins on your site at a minimum, and remove any that are not necessary.
  • Limit authorized access to your website.
  • Change your passwords every 90 days.

And, of course, if you run into issues again, GoDaddy Express Malware Removal will be there.

Proactive measures

Most services that clean malware will only scan and perform a malware cleanup after the attack has happened. With a Web Application Firewall (WAF) you can be proactive and stop attacks before they even happen. Attacks like SQL injections, cross-site scripting, brute force and zero-day attacks can all be prevented and stopped by using a WAF.

For eCommerce websites that collect sensitive information, like credit card numbers and home addresses, we recommend practicing additional security methods to ensure the safety and privacy of your customers.

GoDaddy Website Security, powered by Sucuri

We take security seriously. GoDaddy offers a variety of security products that can help lock down and protect your online business. We work by first scanning and taking a deep dive into your website’s files to find malicious malware and clean malware. If malware is found, you will be notified immediately and will be given the option to submit a cleanup request. From there, you can sit back and let our team of security professionals go to work for you.

Products Used