Have a plan for when your website gets hacked

Has your website ever been hacked? If it has, you probably now have a plan of action if it ever happens again. If it hasn’t, you really do need to have sorted out in advance what you’ll do.

Two of our clients have had this unpleasant experience in the last year. I’ve had a very popular fan site that I run hacked as well. It’s been a learning exercise for all of us.

So how does ‘being hacked’ manifest itself? It doesn’t mean that your site gets replaced by a skull and crossbones with a message saying: “HACK3RZ ROOL” or something (although it can be that). More likely, you might not even know something has happened. ‘Malware’ placed on your site can show messages to visitors or redirect them elsewhere on a very selective basis, extending the time before it’s detected. And of course it can also simply steal data, invisibly.

In many cases, the first warning that we get of a problem – and this was the case for me – comes from our website hosts or from Google. My website hosts sent me the following message: “Unfortunately, malicious activity has been detected on your account. Such activity can harm the site’s visitors, as well as its reputation on search engines and the reputation of the server with email providers. As such, this is seen a breach of our acceptable usage policy and has left us with no choice but to temporarily disable part or all of the account.” A lot of helpful suggestions followed, but the rest was up to me and anyone visiting the website was met with a ‘site unavailable’ message.

Google is also very strong at detecting malware and other problems, even if they’re invisible to visitors and website owners. It will send a message to your Search Console account and if you’re Google Ads user, it may reject your adverts with a warning. But again, the problem is yours to fix.

If your site is run by an IT department, it may be worth reassuring yourself that they have a plan of action if something untoward happens. Remember, notification that there’s a problem may come via you (through Google, etc), and my experience is that doesn’t always go down too well in the server room. If your site is self-managed, and you’re not an IT expert, who ya gonna call? Some web hosts – especially if you’re paying a premium rate – will be very helpful in tracking down the issue. But most cheap ones understandably don’t offer such a service. So think about what you would do now. Don’t leave it until the worst happens.

As I’m fairly careful about potential problems, on my (WordPress) website that was hacked, I was running some security software called Wordfence. Clearly someone had got around this, or I’d made some mistake, but that’s a separate issue. I was therefore aware that Wordfence offered a cleanup service, which I took advantage of. It wasn’t free though, and it took a few days. However, the process was excellent and I would use it again.

So my advice is to pretend you have a problem now, and ensure you have a procedure to fix it, whether it’s using a commercial service, your website designers, the IT department, a mate who knows about these things, or whatever. It’s up to you, but have a plan. Don’t start consulting Google in a panic when it does happen.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.