What should I do if my website has been hacked?
If your website has been hacked recently, you will have to put a little time in to remove the attack and to prevent your site from getting hacked again. Below you will find some recommended steps to help you recover from a hacked website.
You can also check GOOGLE GUIDLINES : https://developers.google.com/web/fundamentals/security/hacked/
Recovering from an attack
1. Contact your hosting provider (send us email to firstname.lastname@example.org) - This will open a support ticket for you
Your hosting provider should be able to give you some details about the hack, including how the site was hacked in the first place. If your site is on shared hosting, for example, it may mean that other domains on the server have been compromised as well.
2. Remove the malware or other content that has been injected in to your site
3. Check to see if your site is on any blacklists. A blacklist can temporarily impact your site’s SEO and SERPs, so you should login and see if you have any site warnings in Google Webmaster Tools that need to be addressed. You will have to resubmit your site for review once the hack has been resolved.
Preventing and mitigating the risks of a future hack
If you want to lock down your site to reduce the probability of being attacked again, please take the following steps:
1. Make sure you always update your content management system to the latest version. If you’re using WordPress, for example, check to make sure that you’re on the most recent version of WordPress. CMS platforms push out updates to address known vulnerabilities, so you should always upgrade to the latest version when it is made available to you.
2. Make sure your plugins are up to date. If you’re using plugins or extensions on your site, which many CMS platforms do, these are also potentially vulnerable if you are not working on the most recent version of the plugin.
3. Lock down your admin back end. Many hacks are due to brute force attacks on sites, and you can look at services for attacks designed to target CMS platforms like WordPress.
4. Look at backing up your site. In the event of your site getting hacked, you also don’t want to have any issues with losing valid content that was there prior to the hack.