Has your website been hacked? It's not uncommon to see sites getting hacked these days. Even large websites with lots of protection can get hacked. Indeed, it's usually the large and popular websites that are prone to hacking. Security is a major problem these days. And if your site gets hacked, it can get damaged in a number of ways. You could either lose all your data, or your site could lose its ranking due to a malicious software installed. So while you can do backups and stuff, you cannot prevent someone from hacking into your site. So if your site gets hacked, there are some recommended actions you should take to get it back.
How to tell if your website is hacked?
You can confirm that your website has been hacked by visintg Google Webmaster Tools. The Google Webmaster Central will let you know if there's malicious activity going on on your site, or if it has been infected with a virus that might harm other users. As a result, Google removes your site from search results until the virus has been removed. So you should check your Webmaster Tools to check for any problems that may arise, and to repair the damage done as soon as possible.
4 things to do when your site is hacked
1. Take your website down
Yep, take it down. I know it's kinda harsh, but it is the fisrt thing you should do ethically. Because if it's not taken down, it might effect other websites as well. You might want to contact your web host for this, because other sites on their system might get infected as well.
Also, change ALL of your passwords. Your site might have multiple users, or you might be using multiple FTP accounts, and so on. Change passwords for each and every account. And also monitor all of your accounts, because in all likelihood, the hacker might have created new accounts in order to make a back-door for himself.
2. Check out the nature of the attack
With regards to a hack-attempt or a virus attack, it's best to fisrt judge the nature of the attack, and then act accordingly. Your first stop should be Google Diagnostics page, which will give you information about any virus or malware present on your site. To do this, just use this URL (www.google.com/safebrowsing/diagnostic?site=yoursite.com), and replace the yoursite.com part with your site's address. After that, there's a checklist you should perform.
- Check your Google Webmaster Tools for any messages regarding the virus. You can also see pages with malware by going into Health >> Malware. Delete those pages if necessary. Hackers usually create new pages for malicious purposes.
- Do a complete scan of your computer. Check to see if there isn't any virus disguised as an image (it happens!). This is one of the easiest way to hack someone. Also, check what extensions your browser is using, and delete all the unnecessary ones.
- Use the Fetch as Google in Webmaster Tools to detect other pages with virus, and use the Link Removal Tool to hide those pages down temorarily from users and search engines, so they won't be served to users.
3. Getting rid of hacked content
Now that you know what and where the problem is, it's time now to get rid of it. Use Google Webmaster Tool's Malware page to see what pages host malware, and delete them. If you have a backup of your content, then you might want to delete all your content, and then restoring it, which should hopefully get you rid of the viruses. You can always check with Google Safebrowsing diagnostics, and Malware page to see if there's still some malicious activity left.
You should also update the management system you're running your website on, such as WordPress etc. Also update any plugins, or third party software you have on your site.
4. Tell Google you're good to go again
Once you're sure that all the viruses and malwares have been removed from your site, you should ask Google to review your sit again. To do this, go into Webmaster Tools, and click on Health >> Malware, and then click on Request a review. Google will review you site again, and remove the warning if it finds the site clean.
Remember. This method only removes that malware warning that is displayed to users. If the hacker has been spamming, you might come under a penalty. To fix that, you will need to file a reconsideration request to Google. Red our article on how to do this
Hope this tutorial helps. If there are any questions, do let us know. And keep reading :)