Terug naar overzicht
My site has been hacked. What now?
We all know it happens, but why? and by whom? And what should you do if it happens to you? We explain everything step by step....
Hackers have been around as long as the word “digital” has existed, and over the years they have also become increasingly brazen. So what happens regularly these days is that phones, computers, websites etc are hacked, but why you of all people? In this blog, let’s take website as an example.
What does a hacker want with my site?
Hackers are constantly looking for valuable information. By hacking your website, for example, they hope to find something such as your payment information, data they can resell or other useful data. Another reason why Web sites (and especially small Web sites) get hacked is simply practice. Many hackers don’t start on a big bank right away, but start with the small stuff first. That way they learn how certain technology works and how to bypass it. In this way, they try higher and higher levels. At such times, you then see these news items come up:
source: nu.nl & rtlnieuws.nl
How do I know if I have been hacked?
This is where it usually goes wrong. The moment you can tell that your Web site has been hacked, you are usually already too late. Hackers are some of the most patient people on the planet. If you can see that your website has been hacked, chances are very high that it is due to a break-in from a few months ago. Hackers often proceed as follows:
- Search a target
- Breaking in through poor security
- Plant their malware, viruses or take your data
- Only weeks/months after that do they put their hack live
Why are they waiting so long to do that?
Quite simply, that way the backups from past weeks/months are also useless and there is nothing you can do to get your website back. Sometimes you even see them ask for money to restore your website; never pay that. The moment you pay we see an opening with you to transfer money to them and with that you actually indicate that this is just the beginning, the site often can’t be recovered…
So is it useful to manually download a backup every once in a while and store it locally? Maybe so.
What should I do to stop hackers?
With my experience, I have sometimes seen a website that has been hacked. People then often come to me asking, “My website has been hacked, can you take a look at it?” And what it really always comes down to is that the security has never really been good, so that includes website maintenance.
With just proper maintenance on your website, you can prevent a lot. It’s just not that nothing can happen to you if your plugins and your WordPress is always up to date. If hackers want, have enough knowledge and enough time, they can get into almost anything. Then I’m not talking about the home garden & kitchen hacker, but the seasoned hackers. The point I am trying to make is that it is never 100% sure that nothing can happen to you. What I always say is that it is important to do enough maintenance on your website and keep everything neat and tidy. This way you reduce the chance of being hacked. Because not everyone feels like doing this, we can take this off your hands with a“support contract“. With a support contract we do a complete check-up of your website 4 times a year. Here we do the following:
- Plugins check (safety check)
- Tracking WordPress/Plugin updates
- File check, to make sure there are no weird codes etc in your site
- Where possible clean up your website
And a few more steps….
Rather be sure everything is tracked? Let us know.
Roadmap to restore your site
If you get it bad Google marks your website as unsafe. At that point, it is important that you make your site secure as soon as possible before it affects your Google position. You can check here to see if your site has been marked as unsafe by Google. If your site is marked as unsafe by Google, you need to take the following steps.
1. Make sure the malware/hacked files are cleaned up
In a hack, a lot of files are broken or attached to cause phishing. Themost important thing is to get that off as quickly as possible. Because hackers don’t tell you exactly where the files are, the fastest/best option is usually to delete everything and set up a temporary site so your visitors still get info. Because the faulty files have probably been in your site for months, you can’t clean it up properly and the chance of a 2nd attack is also a lot higher. After all, there was a leak in your website that hackers don’t forget.
2. Request a new check from Google
As long as you do nothing, Google does nothing. So it is important that you let Google do another check only after you have done step 1. You can do this check at “Google Search Console” (Not familiar? Ask your marketing party to help you with this). When you log in to Google Search Console, the dashboard will immediately show a message that problems have been found and that you can run a new check.