Thought leadership. threat analysis, news and alerts.
What to do After Suffering a Website Hack
Even if you do everything right to protect your website, there's still a chance that someone can find a way to hack it.
So what do you do after suffering a website hack? It can be difficult to figure out where to start.
You want to be sure to get your site back up and running as soon as possible -- here are five things you need to do ASAP.
1. Scan Your Website
Before you dive into trying to fix the problem, you need to figure out exactly what happened.
Start a scan to assess the damage and figure out where your issue is coming from.
It's a good idea to download some AntiVirus software to make sure that your computer isn't the issue. If the virus is in your desktop or laptop, fixing just your website won't help.
If it's not your computer, scan your website to find the problem. Then move on from there.
2. Change Your Passwords
This seems like a no-brainer, right? But not everyone realizes how important it is to change all of your passwords after a website hack.
You need to change the password for every single access point that your website has.
While you're at it, make sure that your password is strong and is not based on a dictionary word. The longer and more complex, the better. And don't use the same password for every access point -- change it up!
If you're worried about remembering your new passwords after you've changed them, use a password manager to keep them straight.
3. Reinstall Software & Plugins
We know -- this sounds like a lot of work, and probably something you'd rather avoid.
But if you want to be sure that everything malicious has been removed from your site, you're better off removing and reinstalling your software and plugins.
That reduces the risk of a virus sticking around after your cleanup just to hack your site all over again. The last thing you want is a new website hack just after you've cleaned up the old mess.
A fresh installation works wonders.
4. Restore Your Backup
Hopefully, you back up your website often. If you do, restore your latest backup after you've reinstalled all of your plugins.
If you don't have a backup to work with, now is a great time to start over.
Think about it like an important document for work. The smart thing to do is save multiple copies or use an online storage service just in case.
Your website is just as important, so you should take the same precautions.
Use an offsite service to back up your site and test it often!
5. Make Sure Users Aren't Driven Away
How fast do you click away after Google warns you that a site isn't safe?
If Google recognized that your site was hacked, chances are there's now a warning displayed when users try to navigate to your site.
After you've re-secured your website, be sure Google isn't driving away traffic. You can check their guide for how to make sure the 'hacked' label is removed.
After you've completed all of these steps, your website should be ready to go.
Steve E. Driz, I.S.P., ITCP