If you’ve been recently hacked, then it’s crucial that you don’t panic. It is not the end of the world, but you will have to put some time into removing the implications of the attack and take measures to prevent your website from ever getting hacked again. We’ve put together a guide to not only aid you in recovering your hacked website, but also strengthening it so that it never happens again.
There are several ways to tell that you’ve been hacked. The most noticeable of which is that your website was defaced. When this happens you’ll wake up to find that your website is no longer available, but instead may take you to an empty webpage that says you’ve been hacked by so and so or that it redirects you to another website. However, in many cases a hacker will cover his or her tracks so that you won’t even notice that you’ve been hacked. In this case, a couple ways to tell that your site has been compromised include Bing or Google informing you that there’s been some unusual activity on your site or that you’ve noticed some unusual traffic in your weblogs.
It’s recommended that you shut down your website temporarily while you assess the best means of fixing it. You may be able to do so through your hosting control panel. However, if not then you need to protect your main directory with a password to block any visitors from going on your site while it has been compromised.
Your hosting provider will often give you the necessary tools to remove the malicious content that was put into your site by hackers. However, if your hosting provider does not, then you may want to search online for a site that will scan your website and remove the malware for you. After you’ve removed the malicious content, you should regularly scan your website to make sure that it remains secure.
Besides scanning your website for malware, you’ll also want to scan your computer(s) with an anti-virus software to ensure that it isn’t compromised with any spyware, malware, Trojans, etc. Make sure that you are using updated anti-virus software before scanning your computer.
If neither you nor your staff have the right technical expertise to deal with a hack, it’s best to call a support team to help you. This should be someone who has both technical expertise, as well as some familiarity with your website and so may include your hosting provider or web developer. Although your hosting provider may not actually do the physical work of helping clear up your hacked website, they will often provide you with assistance in the best steps to take.
You should keep track of what your support team is doing to remove the hack and diagnose your website. For instance, make sure that they have changed all of your passwords including for your ftp, database, website logins, etc. They should also make a backup of your website for inspection and examine all of your log files to confirm your site was hacked. Lastly, they should examine your software extensions and make sure they are updated and don’t have any vulnerabilities, as well as review your custom software code to see if there are any obvious security flaws. The last step will be to clean your website and put it back online.
If your website has been blacklisted because of the hack, then this will impact your website’s SERPs and SEO. To see if it has been, simply log in to Google Webmaster Tools to see if your site has any warnings. Once you’ve removed the hack, you may have to resubmit your website so that it can be removed from the blacklist.