Having your website hacked is one of the worst feelings in the world.
It can do major damage to your site’s reputation, especially if Google
puts a “This site may harm your computer” warning on it. You aren’t
alone as a new website gets hacked every five seconds. There goes
another one. And another. But breathe easy, HostDime has you and your
website’s back. Follow these steps to fix your malware infested or
hacked website.HELP! MY WEBSITE HAS BEEN HACKED!
The more you know about the hack, the more your host and the Internet will be able to help you. How did the hackers get in? Did this hack affect numerous sites, or were you the lone target? Was it a cPanel hack, FTP password entrance, remote file inclusion, or a code injection? Check to see if any of your data is missing, or if anything’s been added to your database, like strange uploaded files you don’t recognize. Once you have thoroughly checked your site, it’s time to ask for help.
Contact your host
Tell your host your site has been attacked and is currently down before you begin diagnosing the problem. Your host will make sure their other customers on the same server will not be compromised. They may also help find out what happened to your site and how to recover it.
If you are a HostDime client, please follow these instructions from HostDime’s Abuse Response Analyst Christian P:
Please open a ticket with our Abuse & Security Team and be specific on what you noticed was hacked, such as a defaced webpage, malware warnings, redirects, and so on.Search Twitter and Google for Help
During this time, it is vital that you avoid making any changes to any files and/or folders on the account so the timestamps stay in place for the investigation to proceed without delay. Look at it as a crime scene where a burglary was made, would you clean up the place before calling the police?
Once the investigation is completed the Abuse & Security Team will contact you via ticket reply.
If your host’s support team informs you of nothing wrong with your server, it’s time to reach out to the Internet for relevant answers. Twitter is filled with mostly friendly programmers and IT experts ready to help you out. Briefly explain your hack in 140 characters, with accompanying relevant hashtags. You may be lucky enough to find someone who went through the same issue you’re going through.
If Twitter comes up short, do a few Google searches for your hacking problem. You may stumble upon a forum discussion describing your hack or a similar one. More than 75% of forum posts on webmaster help site Badware Busters receives a reply back.
Google has also created a comprehensive section of links and videos called Webmaster Tools to help you clean up your site, prevent malware infection, and fix your hacked site. If you haven’t already, sign up for Webmaster Tools. You will need this for verification and recovery soon.
Check Your User Accounts
Scan your site’s users accounts to see if there’s been a new user created. Delete that new account to prevent future damage from the hacker. Change the passwords for all your users and accounts. ALL YOUR PASSWORDS: FTP, database access, system administrators, and content management system accounts.
Take Your Site Offline
You must take your site offline for two important reasons. One, prevent the hacker from causing further damage to your site, and two, users do not want to come to a site that gives them a scary malware alert. Stop your webserver or point your website’s DNS entries to a static page on an entirely different server that uses a 503 HTTP response code. Google promises that having your site offline briefly will not affect future ranking of your site in search results. The 503 code is a useful signal that the site will be unavailable momentarily, and the signal will work because it’s outside your compromised site.
If you are unsure on how to take your site completely offline, again, contact your host for assistance.
GOOGLE COMES TO THE RESCUE OF YOUR HACKED SITE
The majority of users find you site through Google, so if there’s a malware label attached to your site in search, no one will be visiting you. Start the road to recovery by verifying ownership of your site. Sign into Webmaster Tools using your Google account (or create a new one). Click add a site, enter in your site’s URL, and click continue. Use Google’s Recommended tab or use an Alternative method.
Bring your site back online if the verification method needs access to your site for a certain meta tag or file. Once you have clicked Verify, you’ll see a screen mentioning you’re the verified owner. You can then take your site back offline.
Back in Webmaster Tools, click Manage Site, then Add or Remove Users. Determine whether the hacker already claimed ownership of your site. If there is an user you are unaware of, delete them immediately.
Determine How You Were Hacked
Once Verified, the geniuses at Google will post a message in your Webmaster Tools letting you know how your site was hacked. Either spam content decreased your relevance and quality in Google’s search, it was a phishing attack, or it was malware related.
Fortunately, last week Google released a series of videos to help webmasters recover their site after being hacked. If the Webmaster Tools message discusses “suspected hacking” or “phishing notification”, you were hacked with spam. Read this tutorial and watch this Google video which highlights spam techniques, how to investigate your site for spam, and how to find all the affected files.
0 comments:
Post a Comment