Has Your Site Been Hacked? Here’s How to Handle It
April 5th, 2016 by
April is National Stress Awareness Month. And I can tell you, working at an online marketing firm, nothing can be more stressful than when a website gets hacked. Your day will start normally, and then comes the discovery. It can happen in a variety of ways. Some of the more common instances include no longer being able to access your site, finding that your site has been redirected to a, shall we say, “not so wholesome” website, or discovering that the content on your site has been compromised. Other ways you may be alerted of a site hack include a notification from your web browser or a message in Google Search Console/Bing Webmaster Tools.
Step 1 – Take a deep breath
Site hacks are more common than you think. You will get through this.
Step 2- Change your passwords
In order to prevent further harm to your site, you will want to change your passwords right away.
Step 3 – Call in the troops
This step involves a two-fold approach.
First, you will want to call your hosting company. It is not likely that this company will be able to clean up the site for you. However, they deal with these things all the time and can provide valuable insight into the situation.
Next, after speaking with your hosting team, contact your web developer. One of the first things you will want to let them know is whether or not you have a backup of your site. If you do, great news! This means they can restore your website from an earlier pre-hacked version. If you do not have a backup of your site, all hope is not lost. This just means that they will need to go the more labor-intensive route by manually removing the hack.
Step 4 – Plugins, plugins, plugins
If you are using WordPress as your CMS, make sure to update all of the WordPress plugins on your site to latest versions after your website is restored. You will also want to delete any inactive plugins. Hackers can sometimes hide their “back door” within these plugins. This allows them to circumvent the standard login procedure and gain access to the server remotely.
In addition to updating your plugins, you will also want to install Sucuri WordPress Auditing, a free plugin that scans your site for malware issues.
Having your site hacked is a stressful and frustrating process, but it is something you can recover from with some hard work and help from your support team.