The Ultimate Guide to Fixing Your Hacked Website

Quick Guide For Fixing & Preventing Website Hacks

A new website gets hacked every five seconds. By the time you finish this article, over 100 websites will be attacked.

Normally the compromise has occurred due to outdated software or inserted malicious code. You should be prepared and well-researched when it comes to hackers and how they enter your site. Here’s a quick guide to finding out if you’ve been hacked, what to do next, and how to prevent a future disaster.

Has My Website Been Hacked?

Easy ways to tell if your site has been hacked: your front page looks different, you can’t get into the administrative side, Google greets your site with a warning, or the page won’t load. Other symptoms of being hacked include anti-virus software informing you of a problem, multiple failed log-in attempts, or receiving an e-mail asking if you requested a password change.

What To Do After I’ve Been Hacked?

Ask for Help. Time to reach out to the Internet for answers. Twitter is filled with programmers who may be able to help you out. Briefly explain your problem and you might be lucky enough to find someone who went through the same thing you’re going through. You can also do a quick Google search of your hacking problem. There could be a forum discussion happening somewhere describing a similar situation.


Find Out Exactly What Happened. How did the hackers get in? Have any of your clients accounts been tinkered with? Was it a cPanel hack, FTP password entrance, remote file inclusion, or a code injection? Was this a giant hacking job that affected numerous sites, or were you the individual target? Multiple questions arise as you assess the damage and see if any data has been stolen. While checking to see what’s missing, also look for anything that’s been added, like strange uploaded files. The more you know, the more the support team and the Internet can help you.


Take the Site Offline. People don’t want to come to a site that’s under construction or giving them scary alert messages from their anti-virus software. Take the site down and make sure you have fixed everything before people return. If customers come back to your site and it’s still glitchy, they are less willing to trust your site going forward. Create a landing page informing clients that you are currently fixing the problem. To prevent Google’s robots from crawling your site and lowering your search ranking, return a 503 status code showing your site is down for maintenance.

How To Prevent a Future Hacking.

Backup All Your Data and Files. Saving and backing up your information should be done as often as your schedule allows. This is of the utmost importance as you may be able to restore your latest backup if your site goes down. If your site has regularly visited forums, backing up your data should be done almost daily, so that even the latest posts won’t vanish in the event of a hack. For more information on this, check out our Backup Primer.


Change Your Password. Do this for every single account you have. This includes cPanel, FTP, WordPress, Google, and everything else you use in accordance with your website operation. Make sure neither account has the same password. Your new password must be very hard to guess. If you can memorize the password, it’s probably not secure or unique enough. Fill your passwords up with non-alphanumeric characters where possible. Delete your old email accounts once you are sure you don’t need it anymore.


Don’t use Generic Usernames. A hacker’s job will be much easier if your log-in username is something like “admin”, “administrator”, or “site owner”. Try to make your username as unique as your password.


Protect the Comment Section. Comment sections are a great relationship between owner and consumer, but it’s also an easy place for hackers to invade. Validate the form input before any comment is accepted to strip out most HTML tags. WordPress has a keyword filter that you can tinker with to prevent any malicious code.


Keep All Programs Updated. Make sure you have the most updated programs on both your hosting account and your desktop computer. Update WordPress and Joomla to its most recent version. Flash can also cause problems on your desktop if it’s not the latest update. These programs are used by millions, so it’s no wonder many hackers work day and night trying to hack it.


Don’t Place Unused Files into Your Site’s Web Root. Remove these files and directories from the public_html folder as soon as you are finished with them. This forgotten content can be used by hackers to infiltrate your website. Be sure to never leave those files and directories with write and execute permissions (777 permissions) in your web root. This is dangerous because hackers can exploit these insecure scripts to run their files from your host account.


Keep Up to Date with the Security and Bug Fix Releases. Always keep an eye out for the latest fixes and releases for all the scripts you are actively using. You must regularly monitor the web sites of the developers whose scripts you are running. Don’t hesitate to install these quickly as sometimes hackers will try to exploit recently outdated scripts with confirmed security flaws.


Upgrade to a Dedicated or Cloud Server. If you are on a server thats being used by others, ask your host about the status of the server. If one person on your server gets hacked or sends out harmful spam e-mail, there’s a possibility all websites and data on the server become compromised. Prevent this potential disaster by upgrading to your own dedicated or cloud server, which will be more secure than a shared server.

How Can HostDime Help?

In order to receive the quickest support, try to get down on the back-and-forth interaction by having the following information ready to go:

  • Your username and password attached to the server.
  • Your PIN number, located on your Core dashboard.
  • Your domain name.
  • What software / version is your CMS?
  • Full description of the problem.
  • How can we replicate the problem?
  • Any prior history or reoccurrence of the problem? When did the issue begin?
  • Are you receiving any error messages? If so, what specific error is it?
  • Did you change anything recently that might have caused this problem?
  • What result are you expecting from us?

If you are a colocation client, be sure to include the cabinet location, physical name of your device, and go into detail regarding the problem and what you would like done.

HostDime recently partnered with Sucuri, the industry leader in website security. They offer a full website security platform for malware removal and monitoring, and a website firewall service to stop hacking attempts and offer DDoS protection. Go here for more information.

Thanks for reading, and be safe out there!