May 8, 2015: Have you ever worried about having your website hacked? According to Forbes, 30,000 web sites are hacked each day. These vulnerable sites can be infected with malicious code looking to suck the SEO score from your URL. It’s a widely held myth that cyber criminals only go after large businesses or government agencies, the truth is that hackers have automated scanning tools that scour the web looking for sites to help spread their malware. It could be a small business, or even a personal blog. Wherever there is a vulnerability, a hacker will try to take advantage of it. So what do you do if your site is compromised? The presentation above will help you stay prepared.
Key points to remember in this 10-step exercise:
STEP 1 Calm down. You can recover from this. You can contact a professional service or fix it yourself. Google even has an that’s ready to help you when you are ready. 8-step DIY recovery process
STEP 2 Let people know you’ve been hacked. Notify your host, webmaster, and, if you can, your customers. Now either clean up your local PC by running anti-virus/anti-malware software, along with your latest OS update, or, if you have doubts that your machine is truly uninfected, commandeer a PC that you’re sure is clean.
STEP 3 Make sure. Log into your hosting account to make sure you’ve been hacked. Sometimes what you think is a hack is a product of a service outage or maybe even a bad plug-in that you might have installed. Your host will be able to tell you if you were actually hacked and, if so, begin to trace what caused it.
STEP 4 Backup (or back to the drawing board). In some cases, a good hosting company will have an old backup of your site to serve as a starting point to rebuild your site. You may also have backed up your site locally. If your site is built with WordPress, here is a guide for restoring your site from a backup.
STEP 5 Worst case scenario: There is no back up. Data is corrupted beyond repair. You need to rebuild. There is one last refuge you need to visit: The Internet Archive may have recorded your site in its 456 billion page directory.
STEP 6 Find your site snapshot. Go to the last date your website was archived in a site snapshot. It’s tedious, but you will at least see your old data, and be able to copy and paste it into your new site’s pages.* * I realize that this process is impractical with large database-driven sites, but for small sites without hundreds of entries, it’s better than nothing, and can be a real life saver.
STEP 8 Get a secure username and password. Many hackers use “brute force” attacks that look for the easiest method to break into your site’s control panel, often by using the username “admin” and password “password.” If you’ve failed to change the default settings that came with your hosting setup, you’re just inviting the hackers to get you. Use http://passwordsgenerator.net/ to create names and passwords that are harder to crack.
STEP 9 Don’t wait for the next catastrophe to strike. Always back up your website on a regular schedule. WordPress site users have a vast library of backup tools to choose from. For the rest of us, logging on via FTP and whacking your content to your local PC is a task that you need to mark on your calendar and stick to.
STEP 10 Check your users. Delete any unwanted users Delete users that are no longer using your dashboard (guests) Only give others the access they need. For example, a guest blogger on your site should never be given admin status, but give contributor status.
- 10 Mistakes to Avoid When Using QR Codes for Marketing - September 20, 2023
- Kevin Lee on How AI Changes the SEO Landscape - August 31, 2023
- The Power of Compound Marketing: Kevin Lee Presents @ 1MediaWorld 2023 Global Conference - March 7, 2023