How to fix a hacked website: What to do if your website is hacked?
The first thing you probably did when you noticed your website had been hacked was Google “What to do if your website is hacked?” Well, you’ve come to the right place. In this article, I’m going to sure you How to fix a hacked website. Follow the steps below and your website will be restored and secure again within 5 minutes.
See also: Best Sucuri Alternatives 2019.
How to fix a hacked website?
The first thing you need to do is simple. Don’t panic. While this might be the first time you’ve experienced, or even heard of, a website (or WordPress site) being hacked. You’re not the first person to experience it. And in most cases, fixing the issue is pretty easy.
Websites can get hacked an infected with malicious files just like PCs can. And here’s the good news, just like PCs, you can install antivirus software on your website to clean malware and protect you from it in future.
Below are the two best website antivirus software services you can use.
Best Antivirus Software for Websites 2019
If you’re looking for a hands-off and rapid way to fix a hacked website, I recommend using Sucuri. This is a cloud-based service that fixes hacks and prevents future attacks. And it’s compatible with all websites.
To get started all you need to do is sign up for Sucuri’s Website Security Platform ($199/year) and then give Sucuri your login credentials for FTP/SSH, cPanel, or your hosting provider. From here you can take back control of your website from the Sucuri website. It’s as easy as that. Sucuri also offers a 30-day money-back guarantee if it can’t clean your site’s malware. But from my experience, that won’t be the case.
Sucuri also lets you schedule regular security scans for your website, plus an excellent website Firewall feature (via DNS).
Another good option is VirusDie. This is another cloud-based service that requires you uploading a PHP file to you hosting providers’ File Manager. Don’t be intimidated by this, as it’s really easy to do. And VirusDie offers excellent tutorials and customer service to help you along the way.
Once you’ve uploaded the VirusDie PHP file to you web host you can control everything re your site’s security from the VirusDie website. This keeps things nice and simple. From here you can scan and remove any malicious files.
VirusDie also offers an excellent Firewall and gives you the option to set up regular security scans of your website.
How to fix a hacked website?
By Rob Clymo
Getting a personal website hacked is bad. It can be upsetting and stressful to put right. But, if you’re in business then it can be nothing short of a disaster.
A business website that has been compromised is not only hugely irritating, it can also be detrimental in the long term. If your customers feel nervous about the integrity of your online business then they may choose to look elsewhere in future. So having a site that is safe and secure is crucial. Keeping it that way is equally vital. It will also be better for your business in the long run.
Hacked website: Under attack
Business or personal, it’s just best to avoid the grief that comes with being hacked. So what to do if you’ve suffered this horrible fate?
Thankfully there are ways and means of returning your online content to where it was prior to a hack. Fasthosts, one of the leading UK web hosting companies, has a whole stack of staff dedicated to this area and they fall under the title of the ‘misuse team’.
Who better to ask then than these professionals who’ve just about seen it all in order to give us their take on what to do if your website has been hacked.
Hacked website: Specific threats
They recently explained to us that when it comes to hacking support, it all depends on what type of website it is, and what type of hack it is. It can really depend on the content and CMS being used.
For one example, WordPress comes with a very good tool for taking preventative measures, but requires being kept up to date and additional add-ons to maintain ongoing security. Each intrusion can be so different, and there is invariably a human element attached to attacks as much as a technical aspect.
Critical issues This they say makes outright off-the-shelf anti-hack products redundant. However, there are steps a user can take to prevent an attack from happening and tools you can use to detect one too. Of course, any site owner or administrator can also back up and restore a CMS site, but if you restore an old, out of date WordPress creation for example, it might also resurrect issues.
This is often because a user might have been working with pages and content for years, apparently ‘without problems’. Unfortunately, it’s subsequently likely they’ll enter the same scenario again, opening themselves up to the same vulnerabilities. Crucially, says Fasthosts, no site is bulletproof, and that is very important to remember.
Hacked website: Damage limitation
What then can be done if your website does get hacked? Well, all is not lost and there are initial measures you can take in order to minimize the damage according to the misuse team at Fasthosts.
However, they also underline that there is a degree of personal responsibility when it comes to looking after your own website and its content. Sadly though, not everyone has the knowledge to do this.
If the worst does happen, the first thing to do is to talk to your hosting provider about it (if your web host hasn’t already contacted you about it as their advanced systems can often detect issues).
Having done this they can offer some helpful advice, rule out their servers being the source and subsequently point the user in the right direction.
Hacked website: Rapid response
Fasthosts, for example, monitors its servers 24/7, which limits the risk, but they also point out that the end-user and their individual sites cannot be monitored by them. The level of advice they offer is based on what scripting language is being used and how they put that up to the server themselves.
Fasthosts underlines the fact that it is proactive about these matters with the dedicated misuse team who do actually contact the customer about a suspected breach. That said, this is apparently not common with all hosting providers.
Hacked website: Spotting problems
Knowing whether or not you’ve been hacked isn’t always immediately obvious either. Sometimes an attack can be a blatant attempt to take down or change a high-profile area of your site, such as a defaced home page for example.
But, says Fasthosts, this can also take the form of phishing scams or adding dubious material in low-level directories on a site, amongst other tactics. More obvious signs, they agree include a website being defaced, or being taken over by something completely different.
Often the owner can be locked out of their own site. In many cases, a user will only know about a breach when they contact them confirming that spam emails are being sent from their site. Or, a customer calls them asking why they are suddenly seeing a lot of bounce back emails when they haven’t sent anything themselves.
Hacked website: Prevent attacks
So, if you’re a website owner then the main question is – can you use third-party solutions on a hosted website to reduce or remove the threat? Fasthosts explains that it’s not quite as clear-cut as this. Again, it really does depend on what platform your website, and its associated content, is hosted on.
A WordPress third-party security tool is a good solution as one example, but it must be kept updated. With WordPress, there are also plug-ins, which are easily installed and can subsequently notify you of any potential vulnerabilities. Meanwhile, Drupal, which is another popular content management system, requires something completely different.
Hacked website: Tricky issues
But, adds Fasthosts, this isn’t a scenario like protecting your computer or mobile phone from attacks. On that front there are popular anti-virus packages, such as Norton or McAfee situation, which can often be fairly simple ways to solve issues and protect yourself.
For websites though, there are many solutions for many different platforms. It’s not a ‘one-siz- fits-all’ solution. In the case of something like WordPress, the key is to know where the helpful plug-ins are available and what to look for. This is often learned the hard way, even though searching for them from within WordPress itself is actually very straightforward.
Hacked website: Tough call
At the same time, Fasthosts helpfully points out that a hosting provider can’t place a similar one-size-fits-all anti-hack tool on a dedicated service.
The reason for this is that Dedicated and VPS hosting packages allow a user to put whatever they want on their own server. With their own space to use and their own control options on hand then it’s absolutely up to the user to run with anti-spam software or Norton, or whatever the user wants. It becomes, in effect, their property.
Of course, the main advice is to remain prudent and take preventative measures sooner rather than later. Keep the security aspect of any site updated. Change passwords regularly to ensure they remain secure. This long-term basic advice still rings true to this day and Fastshost says their blogs cover a number of these topics. And, if you’re in doubt, talk to your webhost as they’re always eager to help.
Hacked website: Stay positive
It’s very easy to get stressed out about the possibility of a hack to your website, but such attacks are still a small percentage of the huge amount of content online. So website hacks can and do happen, but it might not necessarily happen to you.
That’s no reason to be careless though. Interestingly, says Fasthosts, the same affected site can often come up again and again. In that kind of scenario they look at manual reports to identify the risk and make contact with site owners to help them manage the situation and guide them in how to go about tightening up end user security.
Hacked website: Main motivation
And what is the general intention in all this? Theft, aggravation, humiliation or all of the above? Sometimes it can be ‘just because we can’, reckons the misuse team at Fasthosts. At other times it’s far more sinister.
There are known ranges of IPs based around the world used by professional scammers and it’s not always the usual suspects you hear about in the media. Fasthosts tries to avoid risk even during the sign-up path, because they know of a particular service provider who makes it far too simplified.
This attracts fraudulent accounts and, naturally, the service providers IP is ideal for hiding hackers. Fasthosts adds that it is actually quite difficult to give specifics about something that can be incredibly varied. The approach they take is to care, educate, and do their best to keep their infrastructure clean.
Read next: Best Mac Antivirus Software 2019