So, your website just got hacked? Here's what to do.

“Help! I’ve been hacked and don’t know what to do!”

Sound frighteningly familiar? According to certain studies, approximately 30,000 websites are hacked per day. If you have had the unfortunate luck of falling into this number, here are a few ways to fix yourself up:

1. Remain calm.

Yes, a terrible thing has happened and yes, it probably could have been prevented. Unfortunately thinking about all the things you could have done is not going to help get things fixed up. So, try to relax, take in a few deep breaths, and read on to get yourself back on your feet!

2. Change your passwords, no excuses, just do it.

It’s a pain in the rump to have to change passwords, there’s no way around that, but now it’s more than important. Here’s a few of the passwords you should change:

• WordPress login
• All email accounts
• Router (if you can figure out how to do it)
• Banking
• Google Account
• Anything else you can think of

3. Scan your computer for malware.

Download a malware scanning program or app and let it do it’s thing. Here’s a link to a fantastic free Malware scanner that I use at least once a week, called Malwarebytes:

• For PC: https://www.malwarebytes.com/
• For Mac: https://www.malwarebytes.com/antimalware/mac/

4. Scan your computer for viruses.

If you don’t already have a program or app for Anti Virus / Virus scanning, now is the time to get one. Here’s my recommendation – again, a free scanner from the lovely folks over at AVG:

• For PC: https://www.avg.com/ca-en/free-antivirus-download
• For Mac: https://www.avg.com/ca-en/for-mac

5. Try to determine what type of hack it is.

When you go to your web host to tell them you’ve been hacked, make sure you’ve made a list of everything that has happened, for example:

• There is porn all over my website.
• There are strange ads on my website (often for sporting goods, pharmaceuticals, high-end fashion names).
• My website is gone.
• I am no longer able to login to my WordPress website backend. *In this case you might not even be hacked.
• You receive the notorious red screen of death upon trying to go to your website. *This is basically a big red screen warning you that if you proceed to the website, you may or may not get infected yourself.
• etc..

The more details you can give your web host – the more they will have to go on and be able to help you out.

6. Use an online tool to determine if you really are hacked.

Being an enormous fan of online tools, there are two that can provide a very succinct answer as to whether or not you are hacked. Enter your URL in to either of these sites. Here are the direct links:

• Is It Hacked?
• Sucuri Site Check

If you see any red or yellow come up anywhere on the screen, take a good hard read and note the errors / warnings so you can take these to your web host when you inevitably contact them.

7. Contact your web host.

Once you’ve done the above 5 steps and still feel that your site is hacked, take your jotted down notes, and contact your web host BY PHONE. An online chat will take forever and be very frustrating and trying to do all of this over email will take even longer, so just suck it up, pick up the phone, and get this thing dealt with! Tell them every shred of information you could find about the hack, and let them tell you what they are prepared to do for you to get you back online. It could be their servers that have been hacked, in which case they would prioritize you over everyone else. Either way, let them know that this is a very large burden to you and you need them to get you back up and running as soon as possible. Lastly, ask them if they have a recent backup of your web site that can be restored. Any reputable web host should have a backup of some sort, but really, the onus is on you and that you probably should have had a daily / weekly full website backup plugin running already!

8. Know when to seek help elsewhere.

If you have spoke with your web host and your website is still offline and you still feel queasy about the whole situation, it may be time to seek outside help. Here at WP Site Patrol we can help you get your website unhacked and back up and running in no time. We are real people who really care if your website is gone and that you are losing business / followers / clients / customers. We want to see you succeed and thrive online! Contact us right now for a free consultation or just to talk about what’s happened. Advice is always on the house. I’m David – and can be reached at: 604-220-8158.

Conclusion

It’s a serious business having a website. This is why you need to protect it and be prepared for the absolute worst. To read more on how you can protect your website that hasn’t been hacked, please check out our totally free iBook here: 10 Easy Ways To Secure Your WordPress Website!

If all of this still feels like too much or seems too overwhelming, WP Site Patrol has very reasonably priced monthly maintenance plans to assist with all of your WordPress website updates, backups, and security needs. We will also help you get un-hacked if you are hacked if you sign up for any annual plan ??

Stay safe out there and most importantly, have fun!