“My website has been hacked! What should I do?”
Being hacked is every website owner’s worst fear.
It can happen to anyone — even to the most experienced ones. After all, hackers are everywhere and we can be a tad lenient with our guards down. Ironically, most of us are not even aware that our site has been hacked especially if the hackers are taking extra steps to cover their tracks. This way, they can use your site as long as they want to do their dirty tricks.
Before we discuss the different steps on what to do when your site gets hacked, it is important that we should know the typical ways hackers access other people’s websites. This way, we can take precautionary measures to prevent this from happening (again).
The first and easiest way to hack a site is by guessing the password. So make sure that your password is a combination of letters of different cases, non-alphanumeric characters, or a mixture of both. Never use your personal information as your password. Another way to hack a computer is using malware to access someone’s log-in information. If you are using outdated software with vulnerable security in your PC, it also opens up your site for hackers to prowl around. Hackers can also hack into someone else’s website that shares the same server with you and use it to access your site. This is the reason why for security reasons, it is best to avoid cheap hosting providers!
What should you do when your site is hacked?
1. Stay calm. The discovery that your site has been hacked can be downright scary. I remembered the time a colleague of mine discovered her email account got hacked. She was so overwrought that she looked so pale and disoriented that she can’t think straight. You have to keep calm and remember that everything will be fixed in time.
2. Ask for help. Let everyone know that your website has been compromised. If you do not have the technical expertise to deal with the problem, ask for assistance from your hosting site or anyone who is familiar with your site and configuration.
3. Supply the needed information for the tech person to restore your site. This would include your content management system log-in info, your hosting info, web and error logs (you can get this from your hosting site) and file backups. Thus, it is vital that you should back up your files regularly in case something like this happens again.
4. Make sure to get your site offline while it is being fixed.
5. Clean up your site. Once you provide all the information needed, cleaning your site will start.
This process would include:
a. Changing all your passwords
b. Making a backup file
c. Examining the log files to determine how and when your site was hacked
d. Checking software extensions to make sure they are up-to-date
e. Cleaning and putting the site back online
I always believe that things, however worse it may be – happen for a reason. There is always a valuable lesson to be learned, mistakes to be avoided and knowledge added. Having your site hacked is no fun.
However, you can take steps to make sure it does not happen to you. After all, it is always better to be
safe than sorry.