Web Development

What to do if your website has been hacked

Aug 30, 2019

One of the biggest concerns with any website is that it could be hacked. Chances are your website is the hub of your business, your main form of advertising and one of the things which legitimises your business in the eyes of your customers. It may also hold valuable and sensitive information that you do not want compromised by hackers.

Whilst there are excellent modern security features designed to protect websites against hackers, unfortunately this also means that hackers have gotten more sophisticated through necessity. Most new hacks are designed to avoid detection and, if left unchecked, they can potentially infect hundreds or even thousands of users before they are discovered. Not only does this affect your business and your visitors, it could also damage your credibility.

Thankfully, there are plenty of things that you can do to protect your site, check for hacks, and fix problems quickly.


How to check for hacks

The first thing to do before you can think about upping your security is to make sure that your site hasn’t already been compromised. There are lots of ways to do this, but here are some of the key things you need to check.


Look at your files

There are three main areas which hackers tend to attack on modern websites.

  • .htaccess files
  • .php files
  • media files

These files are particularly vulnerable to attack, as hackers can embed code into them, or insert hidden links to malicious websites. One of the most popular tricks hackers use is embedding base64 encoded information, which allows them to disguise links and malware so that they do not look concerning. To find these, you can just search “base64” throughout your site.

If your site is cluttered with unnecessary files, such as extra .php files or test databases, this will make these files harder to find, so it is worth going through and deleting these as you go.


Use security tools

There are plenty of security tools out there which you can buy or use for free and work to keep your site safe. Google has two of the best which are:


Google’s safe browsing checker

This tool allows you to scan your entire site and give you information on the last time the site was scanned, any suspicious activity that was found during this scan and whether or not your site has been identified as a distributor of malware.

This tool is totally free and just takes seconds to run. All you need to do is type in:

http://www.google.com/safebrowsing/diagnostic?site=yourdomain.com, replacing ‘yourdomain’ with your actual site domain.


Google Search Console

This is another free web service, set up for webmasters, which scans your site for malware and other issues, and alerts you if there are any problems. The service will also alert webmasters if there is anything on their page which is being flagged to visitors, such as :

  • Hacks
  • Malware
  • Harmful downloads
  • Uncommon downloads
  • Deceptive pages

It provides information on how to fix these issues and then you can simply rescan to ensure that everything is working properly again.


Fixing your site

Make a backup

If you have discovered issues that need fixing, the first thing you should always do is make a backup of your site, as it stands, without fixing anything. Many people feel that the easiest thing to do is simply to restore their website from an earlier backup, but this is a mistake.

In order to protect your site from future hacks, it is useful to have this version so that you can analyse the infection, and any weak points in your site that have left it vulnerable. It is also useful to backup just for your own peace of mind, as some hosting providers delete sites when they have been hacked.


Change passwords and verify users

The first thing you should always do when dealing with an attack is to change all of your passwords. Change the passwords for every part of your site, your personal computer and even any passwords on your phone if you have used it to access the site. This helps you to cut off access to the site from the hackers straight away.

You should then check the list of users on your FTP, WordPress, MySQL and so on, to confirm that all of the users listed should be there. Any users who are redundant or who you don’t recognise should be deleted.


Upgrade all of your software

Make sure that all of the software you are using has been updated to the latest version, including all WordPress plugins and themes.


Manually remove any hacks

If you were not on the most recent version of your site and have updated, there is a chance that any malicious code has already been deleted, but if not you should go in and delete any extra files manually. With every code that you remove you should go back in and browse your site to ensure that this hasn’t affected functionality.


Run another malware scan

Run another malware scan on your site to ensure that everything that flagged up before has gone, and there is nothing new to worry about. Repeat this with every change if you keep getting issues flagged up.


Change your passwords again and then remove the Google Malware Alert

This is a critical step, as it ensures that any malware that was able to track your movements doesn’t have access to your new passwords, now that it has been removed. Change your passwords for everything. After this is done you can apply for a Google security review to remove any malware alert that might still remain on your site.


Protect your site for the future

Once you are aware that your site is safe and free of any malware, there are a few things that you can do to help bolster your protection in future.

  • Remove all unused files as soon as you stop requiring them. Having an uncluttered site will help you to stay on top of things if anything changes or if new files appear.
  • Use strong passwords that are hard to guess, and keep them a secret from anyone that doesn’t need to know them.
  • Install an activity log plugin to keep track of everything that happens on your website, to make it easier for you to keep track of your site in the future.
  • Upgrade your site as soon as possible, whenever there is a new update.
  • Perform regular security scans using Google tools or other software.


The chances are that there are dozens if not hundreds of attempted attacks on your website every day. Protecting your site from attack is a time consuming and technical process and if you do not have time to do it then why not get a site created and hosted by MaxWeb.

Our graphic designers and programmers can transfer your existing website to our servers, or create you one from scratch, and our dedicated IT staff will ensure it stays safe from infection by and malware or viruses. You can reach us on 0151 652 4777 or email info@maxwebsolutions.co.uk to find out more.




Previous Article

SEO tactics that no longer work

Next Article

Get results from Facebook Ads

Featured Article

What to do if your website has been hacked