when your site's been hacked

Oh no! What to do when your site has been hacked

Imagine this scenario. You sit down at your computer and pull up your website. You find links to Payday Loans. Or links to some other spammy website that you didn’t add.

All at once, the cold wash of dread runs up and down your spine once you finally put together what’s happened……….your site has been hacked.  

Here’s another stress-inducing scenario… you’re on your website and you start getting error messages, saying, “this site contains harmful programs”.  Uh oh… your site may be distributing malware. But how?

Maybe you inadvertently brought in links to harmful sites by running ads, using a free theme or uploading a bootlegged plugin. These shady links will earn your website an Insecure notice to warn off your visitors.  

Since malware on one website can potentially spread to your visitors’ sites, Google and other internet security companies – such as McAfee or Norton – protect potential visitors from malware by marking the infected website as Insecure and adding its URL to their “hacked websites” list.

If you suspect that your site has experienced a security breach, use Google’s safe-browsing tool to determine if, in fact, there is a problem and why. Simply add the domain name of the website to the end of the URL below:  https://www.google.com/safebrowsing/diagnostic?site=HackedSiteDomainName.com  

Once you determine that your site is infected, there are a couple ways you can proceed:  

If the problem turns out to be something within your control – such as an issue with your ads, theme, or plugin – uninstall the ads, change and remove the infected theme or deactivate and remove the suspected plugin. Removing the source of the malware may be enough to clean the site.

If your previous actions were not successful or the issue is that there is indeed malware injected into the site itself, you have two options:

The first and easiest way to get a site cleaned up and back in business is to restore a clean backup taken from a time before the hacking. It may be hard to know when the problem first occurred, so you’ll have to restore a backup from at least a few months back.

Restoring from an older backup may be impractical for a busy e-commerce site or a site that has fresh content added on a regular basis since you’ll lose any content added since the date of the backup that you restore.

The second option we recommend is to get an account with Sucuri and have their experts clean the site for you. After the site is back in business, Securi will continue to scan the site for a year. If  backdoors or hidden malware files show up later in the year, Securi will clean it again at ,no additional charge. This service starts at $199 unless you need their faster option.

Once you’re sure that the malware is no longer on your site, go to your site’s Google Webmaster Tools account and click on ‘security issues.’ Any problems Google continues to have with the site will be displayed.  

Once you believe the site to be clean, ask Google to review it. They’ll make the final determination that the site is clean and then remove the warning. If the warning originates from Norton or McAfee, you can go to their site and do the same.   

The following 7 tips will help you to protect your site from being hacked in the first place:

  1. Never use “admin” for your user name and create a secure password.
  2. Keep your WordPress versions, themes, and plugins up-to-date.
  3. Check for additional W
  4. P installations on your webhost and keep them updated as well.
  5. Use themes from a reputable theme developer.
  6. Download plugins to your site from the WordPress Repository.
  7. Don’t use ads for products or services if you can’t vouch for them.
  8. Host your site on a Managed WordPress Webhost, such as WPEngine, Pressable, StudioPress Sites or FlyWheel.

 

Continued Reading...

Need Help With Your Website?

Let’s talk. We can help.