Web Design and development

‘Help I’ve been hacked!’ We hear this all too often these days. I’m sure you never imagined you’d be writing that.

Opening up your website one morning to find that all is not as it should be is the nightmare of most website owners. Unfortunately it’s becoming a reality for more and more of us with so many hackers around trying to make a name–or a buck–for themselves. But it’s common to think you’ve been hacked when in fact, something else is going on. Let’s be sure th at you have been hacked…

First, let’s be clear about what hacking is. It’s when someone gains illegal access to your website, without your permission, and makes changes to the code of the site. For whatever reason–if anyone makes changes to your website you’ve been hacked.

Making Your Website Secure From Hackers

Web Design and development

Help I’ve Been Hacked

An ounce of prevention is worth a pound of cure, as they say. To make your website as hack-proof as possible, I recommend the following:

  • Pick a strong password for your hosting that won’t be easy to crack. If you’re worried about forgetting your login information, simply use one of the great password managers, such as LastPass. I personally use this, and you can get a version for whatever browser you’re using.
  • Change your password frequently. This is a step well worth taking for website security.
  • I strongly recommend WordPress for building websites, even e-commerce websites, because the code has been developed over time and they are constantly upgrading it for security. This is something you won’t get with even the most expensive web design service.
  • Set up correct permissions for your website files: make sure that you aren’t giving out more permission that is necessary for any single file.
  • Understand how hackers can use the .ht acces file to gain access to your site.

 

I’ve Been Hacked–Here’s What to Do

If you have been hacked, the first thing to do is don’t panic. If you should opt to follow our instructions, you can call us for help.

  1. Take your website offline immediately. You can do this through your hosting panel. If you’re not sure how to do it, talk to support and they will do it for you.
  2. Block access to your websites files by using .ht access.
  3. Change the password you use for your hosting provider. This is vital, because the hacker can get right back in and hack you again even after you’ve fixed things if the password hasn’t been changed.
  4. If your website is built on WordPress, here’s all you need to know about being hacked from WordPress.
  5. Be sure to copy any files that have been customized from your theme: this is important because to remove all traces of hacking you’re going to have to delete everything and start again.
  6. If you had a customized web build, you should have a backed up copy of your site, or at the very least your designer should be able to help you out here.
  7. Backup your access logs (from your hosting provider). Do this immediately because they are not kept for long and you don’t want to lose evidence.
  8. Inspect the code for all your website plugins. You may need to get a specialist to do this for you if you don’t know what to look for.
  9. Your SQL database might offer evidence of suspicious linking. But you’ll have to go through it table-by-table and line-by-line. Any Javascript that you don’t remember installing should be suspect.
  10. In the end you will have practically rebuilt your website from scratch. I know this can be daunting but it’s really the only way to ensure that you’ve eradicated all traces of the hacker’s code. Doing this the right way will save you time and aggravation further down the road.
If you have followed all the instructions and are still having problems, it may be time to call in a hacking specialist, otherwise known as an ethical hacker or a website security specialist. We can help you out, so drop us a line through our contact form right away.
contact Middle East Solutions today for help
0 Comments

Leave a reply

Your email address will not be published.

CONTACT US

We're not around right now. But you can send us an email and we'll get back to you, asap.

Sending

©2018 All Rights Reserved.

Log in with your credentials

Forgot your details?