Ever seen this image when trying to go to a website? Every day, hundreds of business websites are the target of malicious attacks. There are always people looking to take advantage of the good will you have built with your customers in order to make money for themselves. If you believe that you have been the target of one of these attacks, read on for an idea of what to do. Even if you have not been hacked, it’s a good idea to be educated on the symptoms of hackers and things you can do to prevent your site from falling prey.
1. Recognize that your site has been hacked
Here are some signs that your site may have been hacked:
- The site redirects to an unknown domain.
- Some permission files have been altered or new users have been added.
- The search engine results for your page are unrelated to your site.
- You receive an email notification from your web hoster indicating that your site has been compromised.
- Visitors see a warning from their browser or antivirus software indicating that there is a problem with your website.
If you think you have any of the symptoms from this step, then proceed to the next step.
2. Contact Your Hoster
Most times, the hoster will be able to help you throughout the entire recovery process. If your site is hosted here at iPoint, and you think your website has been compromised, you can contact our support team at (970) 266-0703. There we will be able to fully help you get your site back to its original state.
If your site is hosted by another company, then you will have to contact them through some other means. Even after contacting your hoster, it is a good idea to educate yourself on the recovery process. StopBadware.org is a great resource for learning what you can do if there is a problem during the recovery.
The following steps may be difficult for some people who are not as technical savvy. If you are not comfortable with these steps, simply contact your hoster and they will guide you through the process.
3. Stop You Site From Infecting Other Users
After your hoster has been contacted, you should take down the site temporarily. This will prevent your compromised site from spreading to your customers. Once it is down, you should start by changing all of your login and passwords related to the site.
4. Identify the source of the intrusion
Most website hacks occur from security holes. These can be things such as outdated software or plugins, insecure permissions, or even stolen passwords. Another method that someone can gain illegitimate access to your site is by logging in to your website on an infected computer. Identifying the source of the intrusion is essential in both fixing your site, and preventing another intrusion in the future.
5. Patch the Security Hole and Confirm Your Site is Once Again Secure
If you do not know how to use code such as PHP or JavaScript, then allow your web hoster to manage this step. However, if you feel confident in your ability to patch this yourself, check out these pages here and here for more information and possible solutions.
6. Bring the Site Back Online
Once you are confident that your site is once again clean, it’s time to bring it back online.
Hopefully this blog can give you some direction on what to do if your site ever becomes the target of a hacker. Always keep in mind however that it is much easier to be proactive rather than reactive in regards to web attacks. It will be more likely that you will never have to follow these steps if you follow good security practices to begin with.