My website was hacked. What should I do?
If your website has been hacked The Elector team can help you get online in less than 24 hours.
- First and most important thing to do is to stay calm, smashing your keyboard won't help. The good news is that this can be solved, however, you might lose some money or you might take a big hit against your brand.
- Second step is to contact your hosting provider and let them know that your websites has been compromised and that you are no longer in control. They will make sure you get back online to your websites as soon as possible.
- Once you are back online change all password, we recommend you to use strong password (If the attacker inserted some sort of malware into your website, changing password is useless because they will receive the password too or maybe they do not need a password at all, this depends of how they hacked the website).
- Document and analyse how they might hacked the website: a) What make you think someone hacked the website?
b) When did you first noticed the issue?
c) Did you modified something on the website that can trigger and error or a vulnerability? Did you install any plugin? Did you modified any widget or changed the temple?
- Restore from backup, If you have a backup that you know is 100% clean re-upload it to your hosting provider so your user can use the website as soon as possible.
- Identify and remove the hack and modified files. This is not as easy at it sound. If you do not have a clean backup this can be a pain in the ass because most of the hackers once they get access to the website the insert malware into website code that is very hard to detect. They doing this so they can access the website any time they want without the need of a password. "Read more about Malware inserted into website code" The Elector team can help you solve this problem, otherwise there are other companies out there that can deal with this sort of problems.
- Create new backup, however, we recommend you to store it in a safe place that has no internet connection. If the backup is only stored on the server once it get hacked it can be deleted and this can be catastrophic for your company. VFEmail learned this on the hard way when a hacker deleted their entire email service including all backups.
- After the websites has been cleaned and is malware FREE check to see if the website has not been blacklisted by google (documentation on what to do if the website has been blacklisted) or other companies.
Some tips to protect your website:
- Install web application firewall
- Install security applications
- Hide admin login page (set it so only certain IPs can access it)
- Keep software up to date
- Beware of error messages
- Change your passwords frequently
- Enable login alerts
- Use CPS (helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS), SQL...etc)
- Backup frequently