What to do if your site is hacked
There are some things you shouldn’t do yourself. If you’re not technically minded and updating a plugin takes hours, you’re not the person for this job
Your logins have failed. You’re locked out and what happens next is anybody’s guess. Website hacks can be frustrating, upsetting and often quite threatening, as income suffers a direct hit and your reputation… well, it can be left in tatters if you don’t do something to secure client information ASAP.
So, what should your game plan be if your WordPress website is hacked by an internet bad guy?
Step 1: Breathe and Take Notes
Being hacked is horrible. There’s probably a big ball of stress in your stomach right now and your mind is going a million miles an hour as you start imagining money circling the drain. While it seems like hell in a handbasket has arrived on your doorstep, all is not lost. Your company can come back from this.
Pick up the phone and give your website agency a call. Grab a pen and paper while you wait for the phone to connect and ready yourself to ask the important questions. If they don’t know, insist they find out while on the phone, or if you handle things yourself, answer these questions honestly and in full detail:
Early Actions and Questions:
- Can you login to WordPress?
- Is your site redirecting to another website?
- Have illegitimate links appeared on your website?
- When did you last update your website?
- Have you recently changed themes or installed a new plugin?
- Have new user accounts been added?
- Do you have a backup strategy in place?
- Did issues register at strange times – do they indicate international activities?
- Change account passwords
- Change account passwords
- And one more time… change account passwords
Step 2: Find Out What’s Happening
Hacks can look different from site to site, in fact, not all hacks will behave the same way and not all hackers want the same things. Some people break websites just for the sport, others want the information stored behind your admin logins and a few are hunting for a new identity. While you can’t guess their motivations, you can recognise the symptoms of a hack, also known as Indicators of Compromise.
Some common IoC’s include:
- Your website has blacklisted by search engines
- Your hosting company called time on your website
- Your site is in trouble for distributing malware?!
- Reader feedback reflects problems with their AV’s flagging your site
- Your website is suddenly a weapon against other sites
- You’ve noticed unauthorised action emails popping up
- Your looks totally different when you open the browser
Step 3: Call Somebody
There are some things you shouldn’t do yourself. If you’re not technically minded and updating a plugin takes hours, you’re not the person for this job. Similarly, if your existing team of website experts cannot present a clear way forward, your brand’s security and continued reputation is better left in more experienced hands to repair any damage caused by the hack and all website updates going forward.
This isn’t about shameless self-promotion; cleaning out your website will be a long and technical task, and keeping it that way is a full-time job. It only makes sense to delegate the lion’s share to a specialist who understands the specifics of optimisation, backups, updates, security and site enhancement. Hackers are smart, opportunistic operators – make sure you have somebody who understands the way they think on your side.
Give your website the TLC it deserves in two clicks.
I Want to Do This Myself
If you’re up to the task of tackling, recovering and relaunching a hacked website, we’re right there with you. To keep you centred through what may be a very intense process, we’ve created a targeted guide for instant, non-internet dependent access to professional information. Simply save it to your phone, second device or external hard drive for easy to understand how-to steps when you need them most.
Our Door is Always Open
Chillybin maintains an open-door policy to any maintenance query. We’re always on hand to assist small, medium and large business owners in their quest for a more secure website, from recommending and implementing website maintenance packages to completely making over your security infrastructure. We’re here to keep your information safe online.