Do you think your website has been hacked? Is it not loading correctly, or is there a message saying that it was hacked? It can be overwhelming to know what to do. In this article, we want to help you take the first steps to securing and ensuring that your website is operating properly. Let’s go over several signs of a hacked website.
Browser Hacked Notification
If you open your website in a private browsing window, do you get any type of warning from your browser about your website possibly being hacked or ‘phishing attack’? Below is an example from Firefox warning of a possible hacked or deceptive website.
These types of warnings will usually happen as Google Chrome, Firefox and other browsers notice that your website has been accessed by a hacker and infected with malware with the intent to harm your visitor’s computer.
Hosting Provider Notification
Some web hosting companies run daily scans and can tell if your website has been hacked or is infected with malware. If the scan comes back positive, they will usually temporarily suspend your account and notify you via email or a phone call. Once you are notified, it is your responsibility to have the files cleaned. Most hosting providers won’t unsuspend your account until they can verify that everything is cleaned. We recommend using Sucuri to clean your hacked files. Not only do they provide excellent service, but they ensure that your website is back online fast and efficient.
Sometimes Google will notice malware on your website, and will put a notice such as, “This site may be hacked” in search results.
Depending upon the severity of the hack, Google may not list infected websites in search results. One way to check and confirm that this is not happening to your website is to check the ‘Security Issues’ tab within Google Search Engine Console. If there is malware or security concerns with your website, they will be listed within this area.
Another way to know if your website has been hacked is if you start to hear feedback from visitors about security messages or redirects to other web pages. This type of feedback is crucial to keep your online presence active and without penalty of any search engine.
How to Move Forward
If you’ve been notified of a hack via one of these notification types, let’s look at the resolution steps that we need to take.
Change all passwords for all accounts. This includes cPanel, email passwords, website login (WordPress, BoldGrid, Drupal, etc), and FTP passwords. If the passwords used for any of these services were used elsewhere, such as Facebook or another email account, we recommend changing those as they could be at risk.
Give us a call, open a chat, or send us an email and we’ll be happy to run a free malware scan over your account with us. This scan will tell us if your website is hacked. If it is hacked, we’ll be able to provide you a list of the files.
Believe it or not, website hacks can come from your local computer. If a virus is installed on your computer, it can capture usernames and passwords. Along with capturing this information, hack code can be installed, opening a backdoor for malware and viruses to infect your website. To prevent this from happening, we recommend that you run a full security scan of your computer to ensure that nothing is infected. Learn more about running this scan by reading our support center guide. If the scan comes back with a virus, use the recommended tools in the article above to remove it. If your computer comes back clean, proceed to the next step.
If the malware scan that we ran for you comes back with a list of hacked or infected files, reach out to a qualified developer or security company to clean your website files. We recommend Sucuri to clean website files. They quickly clean and help get your website back live. If your scan comes back clean, we recommend that you investigate where the original hack notification was displayed and reach out to that service for a rescan of your website.
The steps provided in this article will help you determine if your website is hacked and if so, what to do.