What to do if your website has been hacked


Why would someone hack my site?

Before I discuss how to fix the issue of a WordPress site being hacked, let’s discuss why anyone would want to hack your website in the first place — especially if you are a small business or charity. Don’t worry, it’s not you. (More than likely) no one is targeting you and they don’t have it out for you. It’s usually for one of two reasons.

Reward: Sites are usually hacked in bulk. Say a hacker uses a bot to find 100,000 websites that use a certain plugin. They will use an algorithm that sends millions of attacks per second. If he/she gets into 5 sites and installs an ad for a performance-enhancing drug, he/she will be paid accordingly. The hacker may never even see your site or know the name of your business. Hackers also hack for the reward of identity theft.

Practice: Many hackers (usually younger ones) hack for practice. WordPress, Joomla, Squarespace, and Wix websites (just to name a few) are typically the sites with the least amount of security. Starting small and moving to more challenging activities is how anyone becomes great at anything.

How did my website get hacked?

There are many ways your website could have been hacked. The following are the most common ways that small businesses and the vast majority of websites are hacked.

Brute force.

As mentioned above, hackers primarily target sites in bulk using automation. This automation primarily uses a “brute-force” technique. This means that the hacker has created an algorithm to guess as many username/password combos as it possibly can each second.

Weak Password/Username.

Since these algorithms work off of probability, the more common your username or password, the more likely your website will be compromised. For example, “admin” and your business name are weak usernames.

Outdated Software

Think of it this way: You build a house but never make repairs to the doors, walls, or roof. Or, you buy a car but never change the oil. Eventually, holes appear and no matter how strong your locks are, intruders (humans, rust, bugs, etc.) can slip in. Software is the same way. Updates are the modern-day “repairs” or “oil changes”.

What do I do if my website has been hacked?

Move quickly. This is no time to dilly-dally. Google doesn’t care if you are the most selfless and giving non-profit in the world; if your website is hacked, you’re going to lose a whole lot more than just money. Google flags sites that have been hacked and that destroys all of your SEO scores. Not only that, but if you saw a shop that had broken windows and rats running around, would you shop there?

Contact your provider. First of all, this is not your host’s fault. Remember, a plumber didn’t cause the leak. Get in touch and ask their opinion — quite frequently they have very efficient ways of fixing this issue.

Were you blacklisted? Check Google Webmaster Tools and make sure you weren’t blacklisted. If you were, get in touch with their support team to try to remove it ASAP.

How do I prevent my website from being hacked?

Now that you understand what has happened and know how to clean up the mess, let’s talk about how to prevent it from ever happening again.

Use strong usernames & passwords. Check out our article on passwords.

Update. Software is usually updated weekly. Make a point to log in and update. Think of it as a weekly website oil change.

Back up your site so that if anything does happen, you have a (recent) full backup that can be restored at a moment’s notice.

Block malicious IPs. You may notice that your admin page is visited hundreds (if not thousands) of times a day by an IP overseas. Block it!
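One way to spot those IPs from a web server access log, as an added example that is not part of the original article. It assumes the common/combined log format, the default WordPress login and admin paths, and a threshold of 100 hits per day; the function names and sample log lines are constructed for illustration.

```python
import re
from collections import Counter

# Common/combined log format: IP, timestamp, request line, status (assumed format).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<day>[^:]+):[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)
# WordPress login and admin entry points (assumed default paths).
ADMIN_PATHS = ("/wp-login.php", "/wp-admin", "/xmlrpc.php")


def admin_hits_per_day(lines):
    """Count requests to admin paths per (day, ip); skip unparseable lines."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]  # ignore the query string
        if path.startswith(ADMIN_PATHS):
            hits[(m.group("day"), m.group("ip"))] += 1
    return hits


def ips_to_review(lines, threshold=100, allowlist=()):
    """Return sorted IPs with more than `threshold` admin hits on any one day."""
    flagged = {
        ip for (day, ip), n in admin_hits_per_day(lines).items()
        if n > threshold and ip not in allowlist
    }
    return sorted(flagged)


def sample_log():
    """Constructed sample: one noisy client, the site owner, one visitor."""
    noisy = ['203.0.113.7 - - [12/Mar/2024:03:%02d:%02d +0000] '
             '"POST /wp-login.php HTTP/1.1" 200 4521' % (i // 60, i % 60)
             for i in range(350)]
    owner = ['198.51.100.20 - - [12/Mar/2024:09:00:%02d +0000] '
             '"GET /wp-admin/index.php HTTP/1.1" 200 9000' % i for i in range(12)]
    visitor = ['192.0.2.55 - - [12/Mar/2024:10:00:00 +0000] "GET / HTTP/1.1" 200 1200']
    return noisy + owner + visitor + ["garbage line"]


if __name__ == "__main__":
    for ip in ips_to_review(sample_log()):
        print("review and consider blocking:", ip)
```

Put your own address in `allowlist` before acting on the result, so a busy day in the dashboard does not lock you out.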

So now you know why you were hacked, how it occurred, and a few recommendations to make sure it never happens again. Get cracking!

If this seems a little hard to understand, or maybe you don’t have the time or inclination to do all this yourself, check out my website support plans.