Sometimes it’s obvious your website is hacked, but very often it’s hard to detect. In recent times, hacking has increasingly gone undetected allowing perpetrators the time and space to collect financial or other details, install malware and spread it out. This may cause you serious problems such as losing credibility with customers, losing traffic, etc. Therefore, in this post you’ll find simple ways to check if your website has been hacked and the first steps to follow to remedy the situation.
Ways to Discover your Website has been Hacked
– Check your website files and code for any suspicious links or embedded code. In most cases, hackers insert hidden links to malicious websites or embed code in any of these three: .htaccess files, .php files or media files.
– Use security tools. A quick security scan is always a good idea to check for any suspicious activity, malware, etc. You can turn to Google Webmaster Tools (‘Search Console’), or use any online website scanner or a platform-specific scan if you are on a content management system such as WordPress to detect malware, viruses, redirects, spam, etc.
– Visit your site regularly at least once a day. Look for any changes or strange text being inserted. PHP errors are also a common sign that your website has been attacked.
There are more obvious signs that your website has been attacked such as:
- Your website redirects to an unfamiliar site about pharmaceuticals, for example.
- Your web browser informs you your website may be compromised.
- Your website is defaced with unfamiliar sign or whole new content.
- Your web logs reveal unusual spikes in traffic to your website – usually from foreign countries.
- Your customers may alert you that your website has been compromised before anyone else. Assure them that you’re taking immediate action.
How your Website has been Hacked
The problem is part of the solution so it is important to understand common ways of attacking your website:
– Cross Site Scripting (XSS)
XSS is dangerous because a harmful string of code can sneak into your website database and capture personal information such as passwords, usernames, credit card numbers, etc. by first recording customers’ keystrokes.
– Information Leakage
It is one of the most common causes of attacks. Leftover comments from the development process of the website can contain valuable information that a hacker can abuse such as exploitable vulnerabilities, server configuration, etc.
– DDOS Attacks (Distributed Denial of Service Attacks)
DDOS attacks can crash a website by sending a lot of illegitimate web traffic to it in a short space of time, usually in exchange for ransom.
Easy Steps to Recover from a Hack
1. Stay Calm.
Finding out your website has been hacked can disrupt your business to some degree, but it will recover. Before taking action, it is important first to calm down.
2. Contact your Hosting Provider.
It’s useful because other websites may have been attacked, especially if you’re on shared hosting. Your host may give you an update on what has happened and what action they are taking.
3. Scan your Local Environment/Device for Viruses and Malware.
The first thing to do is to scan your computer/device for viruses, Trojans, spyware, malware, etc. because the source of attack usually begins from there. Make sure your anti-virus software is up-to-date.
4. Scan your Website and Remove Malware/Harmful Content.
There are useful plugins that will make scanning easier. After the scan it is important to properly clean and restore your website.
5. Improve your Access Controls.
This includes changing all access points /FTP/SFTP, WP-ADMIN, CPANEL and MYSQL/ and using powerful and unique passwords. Password generators may help.
Final Word of Caution
Maintaining a hack-free website needn’t be stressful, so to keep your peace of mind, it is best to monitor your website regularly, and be proactive with your security – regularly change passwords, keep minimum administrator accounts, etc.