With every passing year, cybercrime is on the rise. Not even the biggest and most secure websites in the world are safe. So, if you think someone might have hacked your website, it’s not a reason to panic.
You will usually see clear indications of an unwanted visit. Your browser will alarm you that your website is insecure. It will redirect you to other suspicious websites, and you’ll notice suspect visits from distant countries.
Luckily, you can still fix the issue with minimal consequences. Read this article to find out what to do if your website got hacked.
What to Do If Your Website is Hacked
- What to Do If Your Website is Hacked
- Before You Put Your Website Online – Protect It
- You Can Recover
If you see any indications of intruders on your website, don’t panic. You will need to follow some steps to make sure no further harm is done before you start cleaning the website.
Gather All Necessary Info for The Support Team
Before you start dealing with the problem itself, you’ll need to collect all your website information.
These are the pieces of data that your hosting support or your personal tech support team will need to use. The following are required:
- CMS Login: Content Management System data with admin rights
- Hosting Login: Your hosting CP with access to your weblogs and database
- Web Logs: The error logs and access logs. Your hosting service should provide it.
- FTP/sFTP info: hostname, username, and password
- Backups: If you have any website backups
Get in Touch with Your Hosting Provider
If you don’t use your own servers, there’s a possibility that your hosting provider will have more information about the hack. If you own a website hosted on a shared server, other domains on that server might also be under attack.
Your hosting provider can assist you to clean your website, especially if you’re not the only one with the issue.
Temporarily Take Your Website Offline
While you’re locating and resolving the issue, it is best to keep your website down. This way you won’t expose visitors to any potential risks.
Your hosting CP should have an option to shut down your website for some time. If you can’t find the option, you may place password protection on your main directory so visitors can’t access it.
Check Local PC for Malicious Data
A lot of time hackers access your website by breaching your local PC and stealing your website’s credentials. If you don’t protect your system from viruses, spyware, and other malicious software, you are prone to cybercrime.
Back Up All Your Files
When your website gets hacked, there’s a possibility that you are going to lose all your data. So, while you still have access to it, you should back it up to another place until you’ve fixed your website.
Also, sometimes the code may be invisible to the tech team, support, and even the server hosting team. If that’s the case, you will need to delete all the files and the database from your server.
Change Every Password
Once you or the tech team has entered, scanned, and backed up your website, you need to change every password on your website. This includes all passwords, mailboxes, FTP passwords, etc. You need to change all your previous user info.
Examine Website Files
Examine your website logs for the first instances of unusual traffic spikes, a large number of visitors from a country that you didn’t focus on, and other strange activities. This can help you to find out when the hacking happened.
You should also check all the software, third-party apps, and extensions. Check if they are up to date, and look up the internet and see if other users had issues with them.
In the end, look for a ‘.htaccess’ file. The intruder can use this file in the code to redirect your website’s visitors to a different website with malicious data.
Before You Put Your Website Online – Protect It
Once you see that the coast is clear, you should protect your website before putting it back online.
First, make sure to protect your local PC. Since this is where you administer all your website activities, intruders can get into your PC and steal your website’s credentials.
Next, always update all your extensions and plug-ins. Outdated versions can be a big security risk. Lastly, install the necessary security and web applications to further secure your website.
Also, make sure to frequently back up all your files in case you get hacked again and lose all your website data.
You Can Recover
If you are a victim of a website hack, you may lose a lot of nerves, time, and money in the process of getting it back up. But, the most important part is that it’s possible to recover from it. Just be quick to react, and don’t hesitate to ask for technical support.