With more and more websites being built with third-party software (WordPress accounts for approx. 25% of all websites on the internet), it is more common than ever for websites to be hacked into. There are a number of reasons why an attacker might want to hack into a website. Once a website is hacked into, it can be used to send out spam emails, to infect visitors' computers with malware, as part of a DDoS botnet, or simply to display the attacker's “hacked by” page for bragging rights.
So you find out that your website has been hacked into. What do you do now? The following points are generally recommended steps for cleaning up your account and putting measures in place to prevent it from happening again. As every website is different, and each hack can vary in the finer details, there is no single set of steps that will take care of everything 100%. Some customisation/tweaking will be needed in each case.
As using WordPress is a very common way to build a website, we will use it as an example in the following points. If you did not use WordPress to build your website, the following ideas will still apply for the most part to you (even if the exact steps to follow are slightly different).
- The number one cause of a website getting hacked is that its software has not been kept up-to-date. Make sure that all your themes and plugins, and the WordPress install itself, are kept up-to-date. It is possible to set this so that updates happen automatically without you having to do anything.
- The second most common way a website is hacked into is weak passwords. You should update all passwords that give access to your website or its content. For example, your WordPress Dashboard logins, your hosting account (cPanel) control panel logins, your email account logins (if you have an email with WordPress/hosting account logins), etc. When changing passwords, be sure to use a long and strong password. The password ‘W3b51tePa$$W0rd123’ is a good password, ‘pass123’ is not.
- The third most common way someone would be able to hack into your website is if your own computer is infected with a virus or malware. You should have anti-virus and anti-malware software installed on your computer, and have them set to perform automatic scans frequently (weekly, if not more frequently). We recommend Avast and Malwarebytes. Download your entire ‘public_html’ directory from your hosting account and scan all contents with both anti-virus and anti-malware software. Once confirmed infection-free, re-upload it to your hosting account, overwriting the original public_html directory completely.
- Often, when a website has been hacked into, an essential step you will need to take is to restore your website back to a point before it was hacked into. LetsHost maintain backups of your website and you may (should) maintain backups yourself. If you need LetsHost to restore your website from a backup, there is a restore fee of €50 + VAT per 1 hour of work required (this very rarely takes longer than 1 hour). Submit a ticket via your client area, including a time and date from when you would like the website restored, and a member of the team will be happy to assist further.
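To help with the scan step and with choosing the restore time and date for the ticket, the added example below (not LetsHost's own tooling) lists script files in a downloaded copy of public_html that changed on or after a date you suspect, plus any script files under wp-content/uploads, which normally holds media rather than code. The sample tree, file names and dates are constructed, and the script assumes your download preserved the server's modification times.

```python
import os
import tempfile
from datetime import datetime, timezone

SCRIPT_EXTS = (".php", ".phtml", ".php5", ".phar")
UTC = timezone.utc

def audit_public_html(root, since):
    """Return (recent, in_uploads) for a local copy of public_html.

    recent     -> sorted (mtime, path) of script files modified at/after `since`
    in_uploads -> sorted paths of script files under wp-content/uploads
    Modification times are only a hint: they can be altered, so treat the
    earliest unexpected change as the latest safe restore point, not proof.
    """
    recent, in_uploads = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(SCRIPT_EXTS):
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            mtime = datetime.fromtimestamp(os.path.getmtime(path), UTC)
            if mtime >= since:
                recent.append((mtime, rel))
            if rel.startswith("wp-content/uploads/"):
                in_uploads.append(rel)
    return sorted(recent), sorted(in_uploads)

def build_sample_tree(root):
    """Constructed sample site with chosen modification times (not real data)."""
    samples = {
        "wp-config.php": datetime(2024, 1, 10, 9, 0, tzinfo=UTC),
        "wp-content/themes/demo/functions.php": datetime(2024, 3, 2, 4, 10, tzinfo=UTC),
        "wp-content/uploads/2024/03/img.php": datetime(2024, 3, 2, 4, 12, tzinfo=UTC),
        "wp-content/uploads/2024/03/photo.jpg": datetime(2024, 3, 2, 4, 12, tzinfo=UTC),
    }
    for rel, when in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        os.utime(path, (when.timestamp(), when.timestamp()))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as site:
        build_sample_tree(site)
        recent, in_uploads = audit_public_html(site, datetime(2024, 3, 1, tzinfo=UTC))
        for mtime, rel in recent:
            print(f"changed {mtime:%Y-%m-%d %H:%M} UTC  {rel}")
        for rel in in_uploads:
            print(f"script in uploads: {rel}")
```

On your own copy, call audit_public_html with the path to the downloaded public_html folder and a date shortly before you first noticed the problem.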
If you had someone build the website for you and you are unsure how to follow the above steps, or indeed if your website is not built using WordPress or a content management system, we would recommend you contact your website designer. Often the above work is part and parcel of what they do.