Everyday websites around the world get hacked – from small businesses right through to global organisations.
Recovering from a hack can be overwhelming as you restore your website, update your security measures and work on steps to ensure a repeat of the attack doesn’t happen again.
There are some important steps to follow once you have discovered you have been hacked, from cleaning out the hacked code and taking back control of your website through to ensuring your website is not at risk in the future.
In this article, we share some of our pearls of wisdom including preventative measures so you and your business recover and prosper after a website hack.
Tips for recovering after a hack
Whether your computer has slowed to a slow crawl suddenly or your computer has been compromised and exposed to hackers, there are some important steps to ensure you protect your website and get it back to a secure website as soon as possible.
Here are some tips for recovering after a hack:
- Inform your host – by letting the company hosting your website know there has been a hack you can get started in the recovery process.
- Turn off your site – take your website offline and get it quarantined while you are working out the problems from the hack. You can post information and updates on your social media sites while the site is turned off. Taking the website offline will allow you to deal with any malicious code or spam files properly.
- Share the information with your followers – GitLab had an attack recently and kept their users and followers in the loop with information as the clean was happening and also information via their post-mortem after the outage was sorted.
- Verify ownership of your website – this is important as you want to ensure that the hacker hasn’t done this on your behalf during their attack. Head to Google Search Console to work through the steps.
- Change your passwords including cPanel passwords, email passwords and FTP passwords including passwords for your CMS.
- Conduct an assessment of the damage – once you have done these first steps now you can focus on a more in-depth search through the website to see what files have been modified by the hacker you will need to find out if you have any weak passwords, virus-infected computers, issues with coding or out of date software.
- Clean your website – remove any new URLs added by the hacker, review if you have any legal or regulatory responsibilities you need to consider following the attach and focus on maintaining your website to prevent future attacks. More info on how to clean your website is in the next section.
- Clean your server – do all your necessary updates and backups for the website and clone your website to ensure that you have a new file that is clean and correct (and protected from any vulnerabilities).
How to clean a hacked WordPress website
Tips for cleaning a WordPress website after an attack are outlined below:
Identify the attack via a scan of the site
This step is the first one in the clean process. You will need to conduct a scan, which you can do via SiteCheck.
Once you scan the website, then you can find out if it has been hacked or not and whether you have been issued with any blacklist warnings etc. You can also manually review any script using a malware scan which will find out if there is any suspicious code behind the scenes on your website.
You will also need to check any recently modified files to see if the hackers have updated or modified them at all in the hack and also check core file integrity.
Remove the hack
Next, you will need to remove any malware from your WordPress website and clean it so it is just as it was before the hack took place. You can do this manually or just replace with a recent backup. You will also need to clean any hacked database tables and ensure that you have checked for any hidden backdoors that have been set up by the hacker and secure all user accounts so that hackers don’t have access.
Ideally, you really want to engage the services of a professional to ensure you have cleaned your website correctly following a hack. Unless you have plenty of experience with coding and servers it is important to have a professional take care of website care to ensure the long-term security of your site and to protect the site from future attacks.
For a full step-by-step process of how to remove the hack click here.
Preventative measures to avoid being hacked
With the digital world exposing us to a wide range of security issues and attacks, there are preventative measures that should be in place to ensure you protect yourself and your website from issues.
Here are some basic measures to take to avoid being hacked:
- Be suspicious of emails and never open any emails that appear suspicious or have unusual domain names
- Always check link locations and visit encrypted sites that have secure URLs
- Avoid opening attachments that could hold virus-laden files
- Set up two-factor authentication which requires a password and a code that is delivered to your phone
- Create advanced passwords and change these regularly
- Avoid using public Wi-Fi unless you know the connection is secure
If you fear your website has been hacked get in touch with your website care provider immediately to ensure you get your website secure and secure as soon as possible.
There are a lot of things to think about when it comes to running your business. Stressing about your website shouldn’t be one of them. ChillyBin work hard to make sure your website gets the attention it deserves. Not only do we build websites that stand out from the crowd, but also we offer WordPress maintenance services that stand out from the rest.
To find out more about how our website care services speak with the team from ChillyBin today. Starting at only $88 a month, we’ll take care of everything for you, allowing you to rest easy and focus on what matters most, your business.
I hope you enjoyed reading this blog post. If you want my team to just do your marketing for you, click here.