My Site Was Hacked!

of 17 /17

Transcript of My Site Was Hacked!

HACKEDTen tips on

what to do next.



You wake up one morning, get

your coffee, open your browser,

and navigate to your website.

To your horror, your discover that your website is

simply not there anymore. Or worse, it's been

replaced by a NSFW (not safe for work) page or a

crowd of ads for unsavory pharmaceutical


To your horror, your discover that your website is simply not there anymore. Or worse, it's been replaced by a NSFW (not safe for work) page or a crowd of ads for unsavorypharmaceutical products.

Even without reading thesolemn notification from yourbrowser, you know the grimtruth: you've been hacked.

Now you're in a panic.

How did this happen? Where are your site assets? Will you ever get control back?

Oh No!


Calm down.

You can recover from this. You can contact aprofessional service or fix it yourself. Google even has an

that's ready to help you when you are ready.8-step DIY recovery process


Let people knowyou've been hacked.Notify your host, webmaster, and, if you can,  yourcustomers. Now either clean up your local PC byrunning anti-virus/anti-malware software, along withyour latest OS update, or, if you have doubts thatyour machine is truly uninfected, commandeer a PCthat you're sure is clean.


Make sure.Log into your hosting account to make sure you’vebeen hacked. Sometimes what you think is a hack is aproduct of a service outage or maybe even a badplug-in that you might have installed. Your host will beable to tell you if you were actually hacked and, if so,

begin to trace what caused it.


Backup (or back tothe drawing board).In some cases, a good hosting company will have anold backup of your site to serve as a starting point torebuild your site. You may also have backed up yoursite locally. If your site is built with WordPress,

here is a guide for restoring your site from a backup.


Worst case scenario:There is no back up. Data is corrupted beyond repair.You need to rebuild.

There is one last refugeyou need to visit:

The Internet Archivemay have recorded your site

in its 456 billion page directory.


Find your site snapshot.Go to the last date your website was archived in a sitesnapshot. It’s tedious, but you will at least see your olddata, and be able to copy and paste it into your newsite's pages.*

* I realize that this process is impractical with large database-driven sites, but for small sites without hundreds of entries, it’s better than nothing, and can be a real life saver.


Get a secure username and password.Many hackers use "brute force" attacks that look forthe easiest method to break into your site’s controlpanel, often by using the username “admin” andpassword “password.” If you've failed to change thedefault settings that came with your hosting setup,

you're just inviting the hackers to get you.

Use to create namesand passwords that are harder to crack.


Don't wait for the nextcatastrophe to strike.

Always back up your websiteon a regular schedule.WordPress site users have a vast library of backup toolsto choose from. For the rest of us, logging on via FTPand whacking your content to your local PC is a taskthat you need to mark on your calendar and stick to.


Check your users.Delete any unwanted usersDelete users that are no longerusing your dashboard (guests)Only give others the access theyneed. For example, a guestblogger on your site should

never be given admin status,but give contributor status.

If this all seems to difficult, then by all means hire aprofessional, or upgrade your hosting service toinclude automatic backups, with managed security.

You may pay a premium forthis service, but it is totallyworth the peace of mind.

1. 2. 3.





A digital marketing leader since 1996, Didit providesfull-service online advertising and marketing serviceswith award-winning expertise and innovation.

Our full-service approach applies multi-faceted skillsets, including SEO, PPC, CSEs, PLAs, ContentMarketing, and Social Media strategies that create aholistic synergy of online marketing tools.