Help! I’ve been hacked!

There is no call that strikes fear in the heart of a business owner quite like the one where your friend calls and asks, “Um, have you looked at your website recently? It looks like it might have been hacked.” Ugh. What do you do when you realize your website was hacked?


  1. Have backed up your site recently. Yes, I realize it is a bit odd to start this list with an item in the present perfect tense. But, I am assuming most of you reading this right now haven’t been hacked yet. I have caught you in time! Before it happens, get in the habit of backing up your site regularly. Your options are much better and trust me, the pit in your stomach won’t be as deep if you know there is a recent backup of your site that exists in the world. There are many good options for WordPress plugins that automatically back up a WordPress site on a regular basis. One that Spring Insight uses for its clients is ManageWP. This service allows us to run full site backups; to manage updating WordPress Core, Themes, and Plugins; and to scan our website for malware.
  2. Take a deep breath. This is one of those moments where people tend to freak out. Calm down so you can properly assess the situation. What is leading you to think your site was hacked? Does the page now show a huge Viking with a “HACKED BY BAD GUY” message? Is something funky going on with a feature? Is your site full of ads for an “all-natural” Viagra alternative? Gather as much information as you can.
  3. Google what you know. I have found Google to be a great place to start. You probably aren’t the first person to experience what you are experiencing. See what you can learn from others who have gone through the same process. You will be surprised at what you can figure out from Googling a few simple search terms. So start investigating.
  4. Call your web host. You might not be the only one experiencing this. Many times if you are on a shared server, whatever is impacting your site is impacting others. It’s worth checking to see if the hosting provider is dealing with the issue or should be. Although the hosting provider usually will not do the work of cleaning your website, they will provide assistance in finding experts who will do that for you. Also, some WordPress hosting providers, like WP Engine, offer daily full site backups as part of their monthly service plan.
  5. Call your friendly neighborhood technology crew. Sometimes, you just need a bit of help. If you don’t have the right technical know-how on staff, your best option is to call in support. IT people deal with hacking on a regular basis. They know all the tricks of the trade and depending on the situation, can talk you through finding and removing the hack or do it for you. They can also help you to reinstall elements of your site. Reinstalling can be very effective because installers often overwrite existing files and hacks often work by adding new files to your website.
  6. Secure user access. Once you are up and running again, you will want to look at who has access to your website and make sure everyone has proper user credentials. Yes, this means changing YOUR password to something complicated that will be hard to remember. But, that isn’t all it means. It also means checking to make sure that only the people who should have access to your website have access to your website. That temp you had two years ago? Make sure her account has been deleted. For those users remaining, their passwords will also need to change to be unpleasantly long and complicated.
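
The reinstall step above says installers overwrite existing files while hacks often add new ones. This Python script is an added example, not part of the original post: it compares the live site's files against a known-good copy (a recent backup or a fresh download) and lists which files were added, modified or are missing. The function names and the sample files built in `demo()` are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def file_hashes(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*"))
        if p.is_file() and not p.is_symlink()
    }


def compare_trees(clean_root, live_root):
    """Classify files in the live site against a known-good reference copy."""
    clean, live = file_hashes(clean_root), file_hashes(live_root)
    return {
        # Present only on the live site: overwriting existing files leaves these in place.
        "added": sorted(set(live) - set(clean)),
        # Same path, different content: overwriting from the reference restores these.
        "modified": sorted(p for p in clean.keys() & live.keys() if clean[p] != live[p]),
        # In the reference but gone from the live site.
        "missing": sorted(set(clean) - set(live)),
    }


def demo():
    """Build two small constructed trees and compare them."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, live = Path(tmp, "clean"), Path(tmp, "live")
        sample = {  # constructed names and contents, not a real WordPress release
            "index.php": b"<?php // front controller\n",
            "wp-includes/version.php": b"<?php $wp_version = 'X.Y';\n",
        }
        for root in (clean, live):
            for rel, body in sample.items():
                path = root / rel
                path.parent.mkdir(parents=True, exist_ok=True)
                path.write_bytes(body)
        # Simulate the two kinds of change: an altered file and an extra file.
        (live / "index.php").write_bytes(b"<?php // front controller, altered\n")
        (live / "wp-includes/extra-file.php").write_bytes(b"<?php // not in reference\n")
        return compare_trees(clean, live)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

On a real site, call `compare_trees()` with the path to the reference copy and the path to the live files. Anything the reference does not contain, such as uploaded media or plugins installed later, also shows up under "added" and needs a manual look.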

Being hacked is not the end of the world. Yes, it’s not fun. Yes, you feel vulnerable. Yes, you will likely have to spend some time and money getting everything working normally again. But you will recover from this. So, like the song says, “don’t fear the reaper…errr hacker.”