Sucuri Docs > Malware Removal

Malware Removal

Malware remediation is a core function of what Sucuri offers under it’s Website AntiVirus product line. To initiate the security response associated with your plan, you will need to submit at ticket so that our analysts can take appropriate actions.

It’s important that every ticket submitted is associated with a domain on your account as it’s how we track and account for customer plans.

How to initiate a Malware Removal request?

Please open a malware removal request ticket. This option is made available when you first subscribe to the service, and is readily available via your Support Dashboard:


This will take you to the Malware Removal form:


Be sure to select the domain you are interested in. This domain should be the domain that is having the issue. It should be the domain in your monitoring dashboard, and will be the domain that the analysts inquire about.

There will be a few key elements we require to start the process:

I’m having trouble with: This item will allow you to give us more information about the issues you are experiencing with your website. Our analysts will receive that information and make sure to address all the items selected.

Connection Type: This tells us how to connect with your server. The preferred and most secure methods are SFTP or SSH, but we do allow for FTP connections and cPanel credentials if you are unsure about (FTP/SFTP/SSH).

FTP stands for “File transfer Protocol” and SFTP for “Secure File Transfer Protocol”. This is a connection used to log into servers to edit/add/remove files. We need this to log into your site and begin the cleanup process. If you do not know where to find your FTP/SFTP information, please contact your hosting provider.

This information can be found in your hosting accounts support panel, and we also provide a section in this KB dedicated to some of the more popular hosting providers: Hosts – FTP Instrucitons. We encourage you to visit this instructional page, but know that our team is able to assist if required.

If you do know the connection type, please select the Other / Don’t Know option in the connection type drop down and provide us with access to your hosts administration panel (cPanel, WHM, etc).

Note: This is not your CMS administration panel (i.e., WordPress / Joomla! admin), this is the account you use to log into your host: GoDaddy, HostCow, SiteGround, etc..

Once everything has been filled out, just click on “submit request” and you’re all done!

After we receive your ticket we will have your site cleaned within the next few hours. You will receive an email if we need clarification or once we have an update on your case. If you have questions, please update the ticket.

FTP/SFTP host: This is the name of the server that we will need to connect to.

Username: The username we should use to log into the server via the connection type identified above.

Password: The password associated with the username for the server that we need to log into.

Connection Port: Depending on your server, you might have different port configurations we need to use. By default, we’ll try port 21 for FTP and 22 for SFTP. If you have a unique configuration, we encourage you to add it here so that we can quickly connect.

Site Directory: Depending on your host, you might have multiple directories under one hosting account associated with different domains. It’s important you identify the full path of the domain you are requesting assistance for. Not doing so could cause delays in cleaning your site.

We are traditionally very fast to respond, but some of the biggest delays come from incorrect credentials. It’s important you work with your developer or hosting provider to verify the details of how to connect to your server. If Sucuri agents cannot connect or gain access to the environment, they’ll be unable to work on your site.

Was this article helpful?