Help! I’ve been hacked.
There is no denying it – finding out your website has been hacked is not a pleasant feeling. But don’t take it too personally. Most hacks are carried out completely randomly and can happen to the biggest and most famous of websites, or the smallest.
If you believe your website has been hacked, report it to your website designer or hosting company straight away. If the malicious content or nature of the hack is especially offensive, it may be an idea to take the website offline while it is investigated.
Often, a website designer or your hosting company will keep back ups of your website. But usually only for a limited time. So its important you report an attack on your website as early as possible while un-infected back ups are still available.
Your website designer or hosting company may also be able to inspect your website files and remove any that look suspicious.
If a back up is available, hopefully re-storing the website to a previous saved version will remove the hack. Your website designer should then take further precautions to prevent the website being hacked again by changing passwords and settings used to control the website.
Once you believe the threat has been removed, you can run a scan using a free service offered by Sucuri .
What if I can’t remove the hack or it keeps coming back?
If your website keeps getting hacked, its likely there are infected files hidden within your website that cannot be removed by simply restoring your website from a back up and are not detected by regular scans.
You will need the services of a professional company who will have the expertise to scan, remove and clean your website.
There are many websites that offer this service, and you may find someone you know can recommend one they have used before. However, we can recommend Wordfence who are one of the most popular and well respected companies for removing hacked content and malicious files from a website. Their service usually includes installation of their Premium Wordfence Security Plugin to prevent future hacks.
You may find whichever company you use to remove the hack need details to access your website settings. If you are not sure what details to give them, forward any emails you are sent to your website designer or hosting company.
Once any company has fixed your website and all is back to normal, its important to ask them what caused the infection and what steps they have taken to prevent it happening again. They may also give you some advice to help you protect your website too.
Forward any information they share with you to your website designer or hosting company so they can help you prevent your website from being hacked again in the future.