That was me last week. Again. Admittedly it was a few years since one of my sites was last hacked. This time it was two.
It’s no fun.
Even less fun is the support you may not get from your host. Mine was no help. Needless to say I had already done what I could to remove the malicious code. Still, the care factor was marginally above zero.
Fortunately the attack was more for pride and vanity than to destroy any content or pillage (so far as I could tell).
It’s a horrid feeling to realise your site has been attacked. Definitely pays to be checking your sites regularly. I know there are some I don’t access very often.
So, what do you do when it happens?
Here’s Google’s handy tips to follow:
Then there is also some good practical advice from another blogger who learned the hard way;
Jeff Goins handled it this way:
And this is great advice to follow:
What Did I Do?
- Changed not just my admin password but I created a new Admin User with a fresh password. I logged back in under the new Admin User and deleted the previous Admin user.
- Changed my ftp passwords with my host.
- Checked I had pre-hack backups saved off my server (I mail them to a special email address automatically)
- Ran my site through Sucuri, identified the malicious code files and deleted or replaced them
- Updated all software on my site
- Checked whether my security software was adequate and installed a better one if not.
- Reviewed the advices above and locked down my sites as much as possible for future protection.
Luckily I noticed the hack within 24 hours of it happening and took remedial action straight away. That meant that my site was not picked up by Google as having been hacked and so was not blocked. The other advantage I had was the time zone difference. My site was hacked overnight so I got to work on it in the wee hours before business hours kicked in locally. Sleep? Not when your site is hacked!
What bemused and annoyed me was that by chance I found my site had been listed as hacked on a hacker’s forum – along with hundreds of others that day. Seems my hacker is trying to up his/her status in hackerdom by competing for the number of sites hacked. I have no idea if said hacker had a political message – I just took the thing down!
If you have a website that you self-manage the chances are that you will be subject to attack at some point. Be on guard and make sure you keep your site software updated, keep backups and have good security software and protocols installed.
Finally, don’t let the hackers get you down!