My website was hacked what to do ?

Sometimes you may notice various changes on your website including changes on contents, images even spam messages can also appear on your website. This is how the website will look if it is hacked. For most of the hacks the hacking script will inject some messages to your website like ” This website is hacked ” etc. So it will affect the reputation of the website and users will be afraid to load hacked website. Here in this situation our first aim is to find the cause of hack, as there are many types of hacks first we need to find how the website is hacked.

A website hack can happen in different ways,

  • Buy compromising passwords for cPanel or any of the FTP accounts.
  • Injection of foreign scripts to the website.
  • By including some of the remote files to the website etc

If you have a recent backup of the website that is not affected, then you can immediately make the website working after restoring the account from backup. But after that you need to change all the passwords related to your account to a more secure password. Also you need to update all the CMS/Plugins/Themes/Modules etc to it’s latest versions If the CMS that you are using is not up to date then it’s 99% sure that your website files will be accessible from public to inject the codes. So won’t ever use an outdated version of CMS.

How to recover the website after hack:

For recovering a website to it’s original state after hack you need to first change all the passwords that associates to your account including CMS admin passwords, FTP access passwords, control panel passwords etc. After updating the passwords to a more secure password, then you need to update all the CMS/Plugins/Themes/Modules etc to it’s latest versions. Also it is more important to clean up the viruses on your local PC if any.

Always use updated version of antivirus software on your local computer. So it will prevent in transfer of virus to server while updating website codes or server files via ftp.

Now after all these changes made, install an updated malware scan on your server and go for a full server scan. Once the scan is completed examine all the infected files and remove the infected files.

Further more we can do a complete Security Audit on your server and can fix all the security issues on your server this will include all types of server hardening including securing Temp to prevent attackers from executing root-kits, Trojans code within the /tmp directory etc. So you don’t need to worry about your server anymore. It will be safe within our hands.

If you need our help to fix any issues on your server. Please feel free to contact us, simply email to support[at]iserversupport.com