How to Save Your “Hacked” Website

Secure your website

Cybercriminals often use malware, short for malicious software to infect your website. Depending on what the vulnerabilities or the intentions behind the hack will determine which malware will be used and the extent of damage caused.

 

What are the steps to recovering a hacked website?

If you have discovered that your site has been hacked. Here are the necessary steps to be actioned in restoring your site:

1. Conduct a virus check on your local computer. Using a virus scanner to check if this was the source of the attack.
2. Change passwords. To ensure the hacker can no longer gain access to your website and database. Use secure usernames and passwords.
3. Assess the damage. Check which files we affected? Was access gained on your website and/or database? Any sensitive data affected? To access the full extent of the damage you can use the Google Webmaster Tools.
4. Restore your backup. Replace your infected files and possibly your database also from your backup.
5. Update plugins and themes. Update all applications, plugins, extensions and themes as a security measure to close known vulnerability holes.
6. Remove your website from blacklists. Google, Bing and Yahoo hold blacklist of websites that are affected with malware. Those websites blacklisted may be given low rankings or removed from search indexes entirely. Once all the above actions have been done to recover your site, you can now go about removing your website from the blacklists. Requesting a new malware review using Google Webmaster Tools can restore the status of your website to confirm that you have successfully removed all the malware.

 

How to protect against website vulnerabilities?

Minimizing the risk of hackers getting access to your website is the first course of action in keeping your site safe online. These are some easy preventative measures you can take.

Keeping your applications updated. This is vital in keeping your website secure. From the server operating system and any third-party software (such as CMS or forum) used on your website and also the plugins. Subscribing to automatic application update will help to apply security patches on your site.

Using a Web Application Firewall. They filter, monitor and block bad traffic, preventing spam and attacks on IP addresses. Web Application Firewalls are crucial in protecting your website from any unauthorized access.

Using a malware scanner. These are used to scan your website to detect malicious code, vulnerability exploits, infected files and other suspicious activities. Once detected they can remove and protect against continuous threats.

 

The Centiva Webmaster, what are our preventative measures?

Centiva webmasters support the wider community through communicating their findings, for Google’s use in the collective effort to proactively prevent cyberattacks. The best solution is prevention, so we design our websites taking all the necessary security measures to protect your site and have in place a full disaster recovery strategy for a total protection solution.