First of all sympathies to you if your website is hacked. It is very frustrating – not only because it creates problems for your visitors, but it is very difficult to completely remove the malware & the hack.
There are many ways to remove the hack but let’s find out the fastest & easiest way to fix your website.
To check whether your website is really hacked or not, go to http://www.google.com/safebrowsing/diagnostic?site=domain_name – here replace the domain_name with your website domain name and if your website has been hacked, it should show a warning here. It is necessary because unless the website is really defaced it is very difficult to say a website is hacked.
If it doesn’t show an error, it is still possible that your website has been compromised but it is less likely.
Steps to follow when your website is hacked
Change Passwords – If your website is hacked you need to immediately change all of your passwords such as Primary FTP, secondary FTP, Databases, Apps like WordPress. To know how to set strong passwords, follow the post How to Create Strong Passwords.
Restore Website from Backup – It is very important to create backups of your source code & databases for such scenarios. If you have created a backup of website & database that you know is not corrupted, you should reupload it to your hosting account and restore your site (and database) from it immediately.
Remove the malware – It is nearly impossible for anyone to effectively remove the malware from a website by hand. To remove malware from your files, it is recommended to use an application like Website Security Solution from Sucuri. Using this automatic malware scan feature it will not only scan files for compromises but also removes them.
Identify & Fix the Vulnerability – To prevent your website from getting hacked again, it is important to identify how your website was hacked. There are two types of vulnerabilities: Passwords & Structural Problems.
Passwords – Most of the hacks happen because the hacker was able to guess your account’s passwords by Brute Force attack. By simply changing your passwords (and using stronger passwords this time), you can prevent these attacks from succeeding in the future.
Structural – It requires thorough testing to identify such vulnerabilities. There’s a lot of security software that can perform these types of scans but, again, it is recommended to use an application like Website Security Solution from Sucuri. It will not only identify a number of different issues but also helps to fix them.
Thanks for visiting. For queries and suggestions, emails are welcome at learnweb@hostingcolumn.com.
Subscribe to Hosting Column for latest updates and posts.