As a website owner, your site being hacked can keep you up in the night. Eventually, you must take care about many things: can the potential customers or visitors discover your site, is the website content timely and relevant, is the website optimized, etc. Sadly, the attackers target the smaller sites more than the larger ones as usually smaller sites are not protected like the corporate sites. Smaller sites usually don’t have resources to identify that they have been victimized, and there are excessive smaller sites than the large ones. If the website was hacked in the malicious manner, then you are having two options. You may sit around as well as think about all ways you must have hardened the website against the attacks, or you may start cleaning up chaos and get your website working again.
In case, you have accomplished that hindsight is 20/20 as well as prefer not to worry on mistakes made, then you are ready for getting the site cleaned up. It is certainly not easy, however it is necessary. Following steps need to be taken in the chronological order to assist you in preventing the position from giving any worse.
Strengthen Your Site
The first job is to secure the site with the intention that you are not vulnerable against attack. It might be waste of time for cleaning up the site merely to have attacker coming back and damage the site again.
Take the Site Off-line
It is required due to two reasons. The first one is if search engines search the site, which is loaded with the malware and then it will be flagged like causing the visitors to avoid the site as well as sourcing the page ranking of search engine to drop. The second one is the customer or visitor can land on the site only to discover that it is infected the computer with the malware. In that case, you may be certain that they won’t come back. People may accept the web site down for some time; however they won’t agree that your site creating damage to the computer. Serving the 503 error page, having some clear content for the visitors will handle this.
Scan Computers, Which are Used for Login to Your Website
The most usual way the attackers can access your website is through stealing site’s FTP as well as administrator credentials via malware already existing on your computer. When you make login process, keystroke loggers send the information from the local computer to attacker to provide them free details of the web server. Always update the virus definitions as well as the spyware definitions with running full-system scan for both the programs. When the process is completed, download and run the Malwarebytes AntiMalware for ensuring that the computer is clean.
Change all Passwords
Change all the passwords. Begin with the email accounts and change the FTP, database, administrator, and other passwords then. Anybody else who has use of the website via FTP or the administrative, use strong passwords and the attacker will have hard time using the tools for your site to acquire access.
Evaluate the Situation in the Right Manner
Is your site has malware? What kind of attack happened? Were the pages defaced? Is the site hosting illegitimate links? Has any data been kept? All these things you should think about. If the pages were defaced, your site probably might not being used for housing the malware or troubled from the link injection. Other malicious hacks work better if admin doesn’t know that the site is already been attacked. Also, don’t ignore the possibilities or problems if the website was defaced. You also have to beware of SQL injections.
Update the Third-party Software
In case, you are using the third-party applications like Joomla, WordPress, Moodle, Drupal, etc., then update them. All these third-party software are free or open source therefore, the attackers can access their codes easily where they may get the vulnerabilities, which exist. When the vulnerabilities are uncovered, developers update software to close security holes. Additionally, ensure that all the components, modules, plug-ins, and other add-ons are also updated.
Contact Your Website Hosting Service Provider
Although, your website hosting service providers can’t do much to help you, still you can see in case, they will scan server for the backdoor and rootkit programs.
Repair the Damage Done
Now as you have blocked attacker from coming back to your website, it’s time for cleaning up the nuisance he has made. In case, you don’t desire to clean up affected files, you can delete the whole installation and start all over again. Nevertheless, unless you have the back up of your website content, you have to reconstruct it as well. In addition, you will have to check the content pages for awful links and files because the restore will place them back to your site.
- Check all the outgoing links. Ensure that your website does not have malicious links or the links to any malicious sites.
- Make your website online once again. Don’t neglect this step!
- Contact Google. Send reconsideration request and send it to Google to reconsider your site as well as restore the page rankings in case, you have suffered a downfall because of your website being hacked. All the other sites, which list the malicious websites, must also be contacted.
How to Protect Your Site in Future
As you have brought the website back on track, just keep it safe. Just install security add-ons and ensure that everything is continuously updated, ensure that the computer is free from malware, etc. You may consider enabling the log archiving therefore, you may review these every now and then. They will provide you outstanding look about what is happening within the website. Also, prefer a host, who use Web Application Firewall and help you protecting against some of the most common threats, which result into a conceded website.
You might also want to take a step in advance and get your site tested for security purpose. Avail testing services if you don’t have in-house testing facility.