If you paid attention to yesterday’s post about website security then you should have already minimised the chances of having your own site hacked.
But what if it has already happened?
How Would I Know That My Site Has Been Hacked?
You may have had your web site hacked if one or more of the following is true -
- The search engines now says you run an attack site
- You’ve noticed spam email being sent from your account
- When you search for your own site (yes, we all do it!) your antivirus program suggests it may be being used for phishing
- You now have some political statement or graffiti all over your pages
Of course there may be other signs but the above are the main ones that I can think of.
What now?
Change Them There Passwords
Do it.
Do it now.
Assuming you still have any kind of access to your website then you need to change all of your passwords – cPanel, email, admin passwords, etc.
Remove Old Scripts
Next, go through your hosting space and remove every old script installation that you find.
Also, update or remove old plugins too because they are also at risk of being hacked.
Check Your Error Logs
By checking the Error Logs in cPanel you may be able to discover suspicious requests.
Typically, a hacker will give themselves access to your website by adding code or files so look for such within your public_html folder.
If you find any code or files then take a note of the details, such as date and time that the file was uploaded, the file name, folder it was in, etc and then inform your web host as they may then be able to offer some assistance.
Of course it goes without saying that you should then also delete said codes or files.
Minimising Risk
Web sites are hacked all the time and all you can do is ensure that you have made it as hard a task as possible and then hope that the hacker moves on to an easier target.
By keeping your files up-to-date and secure you will have increased the workload for a potential hacker.
You then just need to cross your fingers and hope that encourages them to pass you by.