Your Site Has Been Hacked… Now What?

by-wlodek-428549_640-300x199You’ve worked hard to build your website. You keep your content current and credible and as a result, you’re seeing an upswing in traffic. Then, out of the blue, traffic takes a nosedive.  And when you start to investigate, you realize why: your site has been hacked!  Visitors may find that there’s a server error, that your site is missing all together and/or be confronted with the message warning them that your site is unsafe.

For a business owner in {ip:cityName}, few things are as stressful as having your site hacked. If you’re the victim to a hacker, here’s what you REALLY need to know.

Step 1: Do NOT Panic

It’s common to have a “freak-out moment” when you realize that your site is now missing.  But after that moment has passed, take a deep breath in – and a deep breathe out.  Then proceed…

Step 2: Contact Your Webhost ASAP

Contact your webhost as soon as you realize what’s happened since most webhosting companies offer support to help you recover your hacked website.  Your webhost’s tech support should be able to give you information regarding the hack, including how the site was hacked in the first place.

Step 3: Get Help

If your webhost is unable to assist you, you’ll need to enlist the services of a web programmer – and preferably one who is already familiar with your site.  If you used an outside third party to build your site, contact them and let them know what happened.

OF NOTE: when dealing with hacks, you want to be dealing with a web programmer and not a web designer.  Most web designers don’t have the technical know-how to troubleshoot a hack.  

Whoever you select to assist you will need the following information:

  • CMS login with administrative privileges
  • Webhosting login
  • FTP information
  • Any backups you may have

Step 4: Take Your Website Offline

This is critical!  It protects people who may still be coming to your site AND it prevents any further damage to your site.

Step 5: Remove Whatever Content Your Friendly Hacker Left as a Gift for You

Most webhosts have tools that can identify and help to remove whatever content, including malware, the hacker has put on your site.  If your webhost does not offer this, services like StoptheHacker can scan your site for the content, as well as regularly scan your site to ensure that another hacking doesn’t occur in the future.

In many instances, they will have a backup of your website on file that they can assist you in restoring it. This is the best-case scenario.  If they don’t – or the backup is old – more labor-intensive measures will be needed, which will likely include calling in a support team.

Step 6: Assess the Damage with the Search Engines

Check to see if your site is on any blacklists.  Login to Google Webmaster Tools for site warnings and address ALL issues listed.  Once this has been completed, resubmit your website to Google for review.

Step 7: Moving Forward

Only after you have completed steps 1 through 6 will your site be ready to go back online.  Unfortunately, the “fun” doesn’t stop there since if your site is hacked once, there’s a much higher likelihood of it being hacked again.  Here are a few quick tips to help prevent that from happening:

  • ALWAYS make sure your CMS is up-to-date.  There’s a reason updates are available.
  • Make sure your plug-ins are up-to-date.
  • Use a password generator to generate ALL your passwords.
  • Use different usernames and passwords for different areas of your website.
  • Back-up your site regularly

Having your website hacked sucks, there’s no easy way to say it.  The good news is that all is not lost and by following the 7 steps outlined here, you CAN get your site back online sooner than you think.  And the silver lining in the cloud?  You’ll learn a thing or two about website security in the process.






Want to know if your marketing efforts are actually working? If so, download our FREE Marketing Audit!

Just enter your name and email address below.