While we do our utmost to prevent your website from being hacked, unfortunately, it can still happen, resulting in malware being placed on your site. The most common reason for this is poor or neglected maintenance of the website. Many people who have built or commissioned a website mistakenly assume that it will always function seamlessly. However, this is not the case; a website requires regular maintenance to ensure effective protection against hackers. On this page, we outline steps you can take if your website has been hacked, along with tips to prevent it from happening.
Forms of Disruption
A hacked website often causes significant problems. Some examples include:
- Spam being sent from our servers: This damages the reputation of our servers, increases server load, and can lead to blacklisting. In such cases, we disable the external email function to prevent further misuse and disruption.
- Malware executing a script/exploit: This can attack other websites or send spam from our servers. In these cases, we are forced to block external access to the website.
- Defacing: This form of hacking replaces your original website page with an alternative, often the index/homepage, displaying a message.
In all cases, if we detect disruptions caused by a hack, we are compelled to disable external access to the website.
Prevention is Better than Cure
Naturally, you want to avoid your website being hacked. To reduce this risk, here are some tips:
- Always ensure you have the latest (stable) version of your software package installed.
- Keep all your plugins/modules/components up-to-date.
- Use legitimate themes. If you download (free) themes, be aware that these might include a "backdoor" that could compromise or misuse your website.
- Take advantage of our website security scan. This detects malware, outdated software, and vulnerable plugins/modules/components.
- Use strong passwords and, if possible, change the admin/administrator login name.
Website Hacked Anyway? What Now?
If your website has been hacked despite your efforts, we recommend contacting the person or company who built your website. They can locate and remove or repair the malicious or infected files. To prevent further infections or spam being sent from the site, you must take the website offline. This can be done via a secured directory.
How to Restore Your Website
If you manage the website yourself or are the developer, follow this checklist. It’s essential to complete each step carefully and not skip any.
Note: As of January 1, 2016, it is legally required to report data breaches. Any large-scale intrusions, losses, thefts, or unauthorized use of personal data are considered data breaches.
- Scan the computer(s) used to manage the website for malware or malicious software. Use reputable programs like Microsoft Security Essentials, AVG, Malwarebytes, or similar software.
- Temporarily disable the website via a secured directory so that only you can access it.
- Restore a backup of your website. Ensure the backup is free of harmful content.
- Update all your software packages, including plugins/modules/components if applicable.
- Remove any malware files found on your website.
- Change all passwords and use strong ones. This includes:
  - FTP login credentials
  - Database user credentials
  - Website admin login credentials
- After completing these steps, you can make the website public again by removing the secured directory. It’s advisable to monitor the website and the website security scan closely going forward.
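For the restore and clean-up steps in the checklist above, one way to see which files differ from a backup you trust is to compare file hashes. This is an added example, not part of our tooling; the function names and the sample files are constructed for illustration. The result is only as reliable as the backup itself, and legitimate uploads made after the backup will also be listed as added.

```python
import hashlib
import tempfile
from pathlib import Path


def file_hashes(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*"))
        if p.is_file() and not p.is_symlink()
    }


def compare_to_backup(backup_dir, live_dir):
    """Report files that are new, changed or missing relative to the backup."""
    backup, live = file_hashes(backup_dir), file_hashes(live_dir)
    return {
        "added": sorted(set(live) - set(backup)),
        "modified": sorted(f for f in set(live) & set(backup) if live[f] != backup[f]),
        "missing": sorted(set(backup) - set(live)),
    }


def build_sample(base):
    """Create a constructed backup/live pair so the example runs offline."""
    backup, live = Path(base, "backup"), Path(base, "live")
    for root in (backup, live):
        (root / "uploads").mkdir(parents=True)
        (root / "index.php").write_text("<?php echo 'home'; ?>\n")
        (root / "contact.php").write_text("<?php echo 'contact'; ?>\n")
    (live / "index.php").write_text("<?php echo 'replaced page'; ?>\n")  # changed
    (live / "uploads" / "x.php").write_text("<?php /* unknown file */ ?>\n")  # new
    (live / "contact.php").unlink()  # deleted
    return backup, live


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        backup, live = build_sample(tmp)
        for kind, files in compare_to_backup(backup, live).items():
            print(f"{kind}: {files}")
```

Review every file listed under added and modified before making the website public again; script files inside upload directories deserve particular attention.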