What if My Website Has Been Hacked?
- How can I tell if my website was hacked?
- What can I do if my website was hacked?
- How could my website have been hacked?
- How can I protect my website?
How can I tell if my website was hacked?
A website hack can be detected by direct or indirect signs by the website owner, visitors, or the hosting provider.
A website may be compromised if:
- your antivirus warns that the site is infected;
- you see a sudden drop in traffic;
- the site redirects visitors to third-party websites;
- search engines mark the site as unsafe;
- browsers show security warnings;
- a threat report appears in Websites → Your_domain → Security → Antivirus.
If Rucenter detects malware or receives complaints, the website owner will be notified accordingly. Malware detection may lead to hosting suspension. If spam is sent from your hosting, email sending may be disabled.
What can I do if my website was hacked
1. Remove malicious code
Threats are listed in Websites → Your_domain → Security → Antivirus section of the hosting control panel.
The easiest solution is to restore the website from a backup. Make sure the backup files are clean. If the infection occurred more than 7 days ago, restore from your own backup (if available).
You can remove malware manually or use Website Antivirus with automatic cleaning.
2. Scan all computers used to access the admin panel or FTP for viruses, especially for trojans.
3. Change all passwords for:
- hosting control panel;
- FTP users;
- MySQL users;
- website admin panel.
4. Update your CMS to the latest version available on the official website of the developer.
Install all security patches for themes, plugins, and modules for CMS. Remove unused or outdated components.
How Could My Website Have Been Hacked?
Common causes:
1. Vulnerabilities in the CMS.
Always update your CMS (WordPress, Joomla, etc.) to the latest version. Attackers exploit known vulnerabilities of popular CMS for major hack operation.
2. Vulnerable CMS themes, plugins, or modules.
Pirated or modified software often contains malware. Use only official CMS extensions to avoid such risks.
3. Viruses on the computer from which the website is managed.
Passwords for the admin panel, FTP, and other services can be stolen from a user's computer using spyware. Therefore, all specialists working with the website must ensure that their work computers are virus-free and use antivirus solutions with regularly updated databases when working online.
How to Protect Your Website
1. Keep your website's content management system up to date.
If a vulnerability is discovered in the CMS code, developers typically promptly release a new version free of the vulnerability.
2. Avoid installing themes and plugins from untrusted sources.
3. Regularly update antivirus software on personal computers used to manage websites.
4. If your CMS has a feature or plugin that prevents brute-force password attacks, use it.
5. The password for the website's administrative panel must contain at least 8 uppercase and lowercase letters and numbers that do not form a coherent word in any keyboard layout.
6. Activate the "Website Antivirus" service, which allows you to identify security threats and take prompt measures to neutralize them. You will be able to minimize the negative consequences even in the event of an infection