5 Steps To Fully Restore Your Website After Getting Hacked
Has your website been hacked? There is no need for you to panic, stay calm and follow the right procedure to make appropriate measures.
When you have been hacked, the only solution is to try figure out the steps you can use to resolve the issue. Your website being hacked is a great issue and the process of cleaning it up can be complex.
There are different ways you can use to tell if your website has been hacked. Some of the most common ways include:
- Defaced website
- Whenever your website redirects to ‘unsavory’ site such as a pornography website or a pharmacy website
- When you are notified by either bing or google that your website has been compromised
- Your Chrome or Firefox browser reveals to you that your website might have been compromised
- When you notice strange traffic on your website logs such as uncommon big spikes in traffic from other countries.
Below are steps you need to take in order to ensure your website fully recovers after being hacked.
Check your Computer for Viruses
You need to first exclude the possibility that your computer was the origin of attack whenever your website gets hacked. Hence, you need to first check your computer for infections and viruses using virus scanners such as the EU Cleaner.
You need to ensure the attacker can no longer access the webspace, database or website. The passwords are usually managed at the customer area in your web hosting service and the admin area. As a one and one customer, you can change the passwords in the one and one control panel.
- Ensure you change the following
- Database password
- SFTP password
- SSH password
Assess the Level of Damage
Its now time to check on the level at which your site has been damaged and plan on how to proceed. You need to determine the following:
- The affected files
- Did the attacker access the website?
- Is it just a single website or a number of sites have been affected from your webspace?
- Are the sensitive information affected? Who should be informed?
- Did the attacker gain access to your database?
Remove your website from the Blacklist
Yahoo, Google, Bing and other antivirus programs have a blacklist of websites that are infected with malware. The attackers will use security holes in themes and plugins hence you need to ensure that all your plugins, themes and extensions are updated. Take time and weigh the risks and benefits before deciding on the type of plugin you will be using.
After successfully changing all your passwords and carrying out a clean backup, it is now time to remove your page from the blacklists. You can always use the Google Webmaster tools to make a new review request incase Google reported an unwanted software or malware. Google will carry out a check on your site within the next 24 hrs.
Evaluation and Passwords/User Accounts
You need to evaluate how your website was hacked. The cyber criminals will in most cases use weak points in the software or get a user data to attack your site
The attackers will always use security holes in the Content Management system like Joomla and WordPress or themes, extensions or plugins to access your system.
It is a direct attack via the admin account or FTP of your website. The attackers will always use passwords they have either determined using force or have stolen. This will present you with a higher risk for anyone who is using the weak passwords and usernames and get access to their webspace using the FTP
You will have to increase the security level of your website in order to protect it. All the affected files will be locked whenever malware is found and you will be informed.