What to do if Your Website Got Hacked
What to do if “My website got hacked”
For a long time, hacking only used to happen to large companies and was usually the subject of headlines. In the last few years, however, more and more small business owners are saying “my website got hacked” and they have hear other entrepreneurs in their industry complaining about this same problem. They have also heard about the dire consequences for companies whose websites have been hacked. Actually, almost half of websites that are hacked are owned by small businesses because they are easier to hack and still return significant value for the attacker.
Having your website hacked should not feel like the end of the world. In this post we will be talking about the main signs that indicate a hacker’s attack and what to do if your website is hacked, before it is too late.
What happens if my “website got hacked”?
Worrying about a potential bad scenario can be just as bad as or worse than going through that problem. The stress lasts for months and years and can have serious consequences on your health and well-being not to mention, on your business.
One technique we recommend to use when you are worried about something is to imagine that the worst thing has happened, accept it in your mind, and imagine how you would cope with it. So, we need to speak openly about what happens when a website is hacked so you are prepared for this possibility. You should expect any of the following:
Sensitive information becomes vulnerable
Once a hacker takes over your website, they gain access to data that they can use as they like. Hackers can steal your data such as banking details and contact information and even take over the web server. Moreover, they can steal customer data, which, again, is bad for your business. You lose your credibility when you are not able to protect information provided by your clients.
You can lose data
Loss and modification of data are other issues you may face when your website is hacked. This is why it is recommended to keep a backup of your website and its content, so you can rebuild the website if you lose access to it or it is somehow deleted.
You lose money
There are multiple ways that having your website hacked impacts your business performance:
- Hacking does not compromise just your information, but also the information of your users, and they will lose their trust in you;
- Your marketing can be affected, as having malicious code on your website will lower your search rankings. Google penalises websites that are not safe for their users;
- Your reputation is affected through techniques such as cross site scripting – the hacker redirects your website to anywhere they want. Users who visit your website get pushed to a different, unrelated website and will probably never visit you again;
- Users become unable to access your products and services and you lose opportunities to sell.
List of signs that your website has been hacked
But how do you know your website has been hacked? Noticing the early signs of an attack is important because it allows you to take measures fast and mitigate the consequences. Here’s what to look at if you suspect your website is in danger:
The browser alerts you about the hack
When your website is hacked, your browser will show warning messages indicating that your website has been the victim of an attack. What happens is that you are now on the Google blacklist. Due to its strong focus on user security, Google will display a red screen warning message to discourage visitors from accessing your website.
Your hosting provider takes the site offline
If you have a reliable hosting provider, they will immediately notice your website is hacked through their IT security monitoring tools. To ensure the safety of users, the host will take down the website without prior warning.
Customers contact you
Your customers will possibly contact you by phone or via the contact form on your website. This will not feel too great, but is a good sign. It means that users still have enough trust in you to fix the issue.
Google flags your website
Google will exclude your website from being shown in search results if it is hacked and will also put a red flag on your links saying “This site may be hacked” or “This site may harm your computer”. Regularly looking at the Google search console is not stupid at all; in fact, it allows you to keep an eye on your online presence and observe potential problems immediately.
The site is loading more slowly than usual
Hacking is associated with higher activity on websites, which can slow loading times. When your website unexpectedly takes a lot longer to load, this is a warning sign.
Your emails are sent to spam
Have you noticed that nobody has responded to your last newsletter? This may happen because your emails are sent to the recipients’ spam folder. This cause is your website being placed on the backlist of your email provider, so remember to always check the results of your marketing activities.
Your website is used for unwanted redirects
Cross-site scripting attacks are used by hackers to earn money through ads or sending customers to a competitor’s website. Look for pop-up ads on your website and unwanted redirects.
What to do if your website is hacked.
When you’ve reached rock bottom, there’s only one way to go, and that’s up! Imagine all of the bad things described above have happened to you and now it’s time to make up a plan to recover.
Wondering what to do if my website is hacked? Here are the main steps to follow:
- Run a computer scan to identify potential viruses and install a firewall if you don’t have one already;
- Contact your hosting provider and ask them to analyse the situation;
- Change all your passwords after making sure your computer is safe;
- Warn your users that your website has been hacked, on your website and on your social media accounts, and recommend them to change their passwords to your website;
- Immediately back up all your files;
- Be prepared for the possibility of having to delete all your files from the server and restore your website from scratch.
How to prevent your website from being hacked.
To stay on a positive note, let’s go back to the present where your website is not hacked yet. Prevention is better than wondering – how did my website get hacked? Now it is high time that you implement some simple and effective safety measures to prevent your website from being compromised by a hacker attack:
Some threats are already known to web security experts, so read tech sites where you can find out more about current threats and how to protect yourself from them.
Improve access control
Choose usernames and passwords that are difficult to guess. Also change the default database prefix from “wp_” to something random and harder to guess.
Update to the latest version of your CMS and plugins
Updating your software is important because the latest edition often has security improvements. A couple of minutes of your time now and then can make a huge difference in terms of security and give you peace of mind. Alternatively, look for a Managed WordPress Hosting company that can manage this for you.
Tighten network security
Make sure the access route to your website servers is not easy, by implementing measures such as frequent password changes, logins expiring after a short period of inactivity, and devices plugged into the network being scanned for malware each time they are attached.
Install security software
Depending on your content management system, check their security plugins and don’t hesitate to install them. WordPress, for instance, has plugins such as iThemes Security (our favorite), Wordfence and BulletProof Security.
Hide admin pages
Don’t have your admin pages indexed – you can prevent search engines from listing them by altering the htaccess file or better still, the security plugins mentioned above can do this for you.
Use SSL protocols
SSL stands for Secure Sockets Layer and is the standard technology for keeping an internet connection secure. SSL protocols safeguard any sensitive data that is being sent between two systems, preventing hackers from reading and modifying information that is being transferred from one computer system to another.
You don’t know what to do if your website is hacked? Or better yet, you want to prevent this from happening? Visual Marketing Australia provides both web development and hosting services, PLUS Website Maintenance Packages so we know everything about website security. Ensuring the safety of your website is the foundation of effective digital marketing – count on us for everything from improving your website’s security to assessing the impact of your marketing campaigns!