Help, my site is hacked! How do I recover my website?

How does it happen?

The most common entry point for hackers is to exploit known security holes in commonly used software. If you do not maintain your website with security updates, it is just a question of time before your site will be hacked.

What do hackers do to my website?

Hackers usually try to steal credit card information, personal information or gain control over server and network resources to use it for spam distribution, landing pages for infecting visitors with malware or phising.

What is the best way to avoid being hacked?

  • Make sure you maintain your code base and system according to best practices
  • Only use plugins, extensions and libraries from trusted sources
  • Use a code revision system and have routines for deployment
  • Enter into a contract with an agency that will do the maintenance for you within a guaranteed time frame
  • The faster it is done, the more secure you are

How can I know when my website is hacked?

  • We notify you that your site is hacked or being abused. We do monitoring and work closely with upstream network providers
  • Site features stop working or change behaviour
  • New files show up in the working tree of the website
  • If you are unsure, ask us or your development partner

What should I do when my website is hacked?

  • Close access to the website from the internet (we often do this prior to you getting a notification)
  • Rebuild the website and database from safe, non-hacked sources and publish to a new web space
  • Enable the website again
  • Rebuilding a website from safe non-hacked sources is usually a lot of work. Taking short cuts will only get you hacked again. Doing this job usually takes at least a couple of days, depending on the size and complexity of the site. Good routines can reduce the workload, but the cheapest insurance is to properly maintain your website