Your website has been hacked; what should you do? Where to start from? Don’t panic. All of your data is not lost, and you will surely be able to recover back. Every day, numerous websites face the same mess, and most of them are able to get back to their previous position.
Most people ask about the same issue “what to do when your website gets hacked.” To fix all of this, you need to follow the given steps, and everything will be fine at the end.
Inform your web host and do some research
The first step must be to inform the person in charge. Inform your hosting company as soon as possible when you find out that your website is hacked. In most of the cases, your service provider will know how to resolve the problem quickly.
Also, you can do your own research, and look for online communities or helpful forums or reputable online resources, which could assist you. Then, you must seek the assistance of security professionals if necessary. As they deal with such situations on a daily basis and know exactly what to do.
Shut Down the Site
After informing your service provider, you must turn off your website. Keep the website offline until the entire issue is resolved. Your site will not be able to provide content to the users, but it isn't very worthwhile if your website has been hacked.
It is great to turn off your website so that you can complete the administrative task without any disturbance. People that are accessing your site will not be able to inject malicious codes or spam files. It will also protect your users from receiving viruses. If you know how to turn off your website, you must consult your service provider to do it for you. They will thoroughly check your site before taking it offline.
Verify Ownership of your Website
It would help if you verified the ownership of your website in the search console because it is possible that the hacker might be using verified ownership in the search console and changed your website settings. So, by checking the ownership and seeing what damage has been done, only then you can discover the nature of the attack.
Firstly, open the “search console” and sign in. Click on “Add a site” and enter your website’s URL. Bring your website back online if you have selected the option that needs access to your website. Then click on “verify,” and you will become the verified owner. Then it would help if you verified the ownership on your search console. In the search console, locate your site and click on “manage site.” Click on “Add or remove users” and check the list of owners and users listed. If you find anyone suspicious, you must immediately remove them from the list.
Impact of the Attack
The impact of the attack can vary. Check the information in the Security Issues and Message Center in the Search Console, as that information can help you determine the extent of the attack. An attacker can hack your site in numerous ways:
- Hack for the purposes of phishing.
- By distributing malware.
- Inject “spammy” content to decrease the quality and relevance of the search results.
Also, it can differ how you handle these types of hacks. To find what has infected your website, open the messages in the Search Console. You might have received messages from Google on malware, spam, or phishing. It will also show you the type of hack you experienced under the “Security Issues” tab, located in the Webmaster tools.
File System Damage Assessment
It is a more in-depth investigation. The hacker might have done several things to your website, which might include spam pages, backdoors, and modified web pages that will allow them to regain access later on.
Firstly, discover the files that have been recently modified or created, and compare them with your backup. Also, verify your server, error, and access logs for any kind of suspicious activity. Keep a close eye on the failed login attempts, and the creation of unknown user accounts.
Identify the Vulnerability
You might have more than one weak point, and some might be easier to fix than others. When you find one, don’t assume that you are done. Keep searching for more, as the anti-virus is not able to locate all the vulnerabilities. Some of the common vulnerabilities are:
- Outdated software.
- Permissive coding practices.
- Virus-infected admin’s computer.
- Weak or reused passwords.
Here are the steps that can help you if you site has been hacked. Read the article carefully to know in detail about the procedure.