What to do if your website has been hacked, and how to fix it!

Hackers. Somehow, these invisible people manage to make headlines, time and time again.

We like to imagine hackers as this incredible force of nature, to the point that media, video games, and TV sometimes show hackers as the closest things to superhumans we can get with our current technologies.

As I like to say, life is definitely more boring than we think it is, and being visited by a hacker is terrible news for your website, rankings and everything in between.

Did you know that your website may have been hacked in the past and you may have not even noticed it? A hacker may have simply broken into your website for practice, for the sheer thrill of it or simply picked you at random – don’t be hard on yourself, it’s not your fault.

Without further ado, let’s first understand the signs of a hacked website – and, of course, what you can do as a consequence.

Signs your website has been hacked

Unfortunately, hackers won’t leave a big sign on your homepage that reads “YOU HAVE BEEN HACKED”. The better the hacker is, the more likely it is that you may not even notice a hack even happened in the first place.

A defaced website

Just like graffiti, hackers may have destroyed the appearance of your website or simply left their “tag”, such as an image or a text.

According to the Wikipedia definition, website defacement is often politically motivated. Corporations are also more likely to fall victim to website defacement as a result of hacktivism.

Malicious web redirection

Type www.(yourwebsitename).com in Google’s Omnibar (the bar on top of the screen). 

Is the search directing on your website as usual, or are you being redirected to some random dodgy page you had nothing to do with?

You can also check if you have fallen victim to a malicious web redirection by checking the HTML on your website (press F12 while on your website). In the header.php file of your WordPress website, you may find these lines of code:

These random letters and numbers can be decoded to find out the actions the hacker has taken, but in a nutshell, this is part of the malware that is incredibly harmful to your website’s rankings, and may even threaten your website’s existence as a whole.

Spam and other strange activities

Are you getting traffic from countries you haven’t targeted yet with your SEO campaign? Are you getting a ton of messages in your inbox from what are obviously scammers?

Things such as these are a warning bell for those who have fallen victim to a hack, and one of the least obvious signs that a hacker has targeted your website.

PHP Injection

Basically an evolved version of a malicious web redirect, this can be incredibly tough to overcome since it’s a small snippet of code inserted into your website that replicates itself over and over again.

A PHP injection allows the hacker to perform an action whenever something on your website is pressed. This can be a menu button, a hyperlink, a specific box in your website… The choices are limitless. 

Even worse, sometimes this action a PHP injection allows the hacker to do is nearly invisible, such as downloading a file, starting a malware or turning on/off other parts of code.

Although this is easy to spot if you know some coding, it can be almost impossible if you have built your WordPress website using a visual builder, and don’t know much about HTML, PHP and JavaScript.

The best way to handle a PHP injection is to talk to a webmaster immediately. Most web professionals will execute a security audit to identify the scope of the issue and find an optimal solution for it. If you think you’ve suffered from a PHP injection, contact our technical SEO team now.

Notification from Google

Google does a great job at protecting its users, and sometimes, it will even warn you if someone tried to access your account from an unrecognised device.

Needless to say, the notification is a huge red flag.

How to fix a hacked website?

As ugly as it is to say, being hacked is one of the most challenging things you can overcome by yourself. The amount of technical knowledge needed to handle or circumvent the damages done by a hack is often acting as a barrier for the majority of website owners. 

We strongly advise you to immediately contact a trusted professional or a company that specialises in the recovery of WordPress websites, should you have a WordPress website.

But until then, there are some actions you can take today to fix your hacked website.

Change your passwords

You don’t have to change just the password on your website, but also the password on any potential notebook software or password management system where your site’s data is present.

Use a trusted firewall

A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules. Its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic like viruses and hackers.

Firewalls carefully analyse incoming traffic based on pre-established rules and filter traffic coming from unsecured or suspicious sources to prevent attacks.

There are several options when it comes to firewalls. Here at topflight we use Cloudflare, and it’s a great option to protect your website from attacks.

Cloudflare firewall system

Let customers know

Your customers will be confused when they see your website suddenly disappearing off the face of the Earth. This will lead them to investigate and try to find out what happened to you, and most of the time, they will do so via social media.

A single post saying “We have been hacked, please hold on” or “we are encountering severe technical difficulties” are enough to put their mind at ease. 

After all, what would your reaction be if your favourite website just vanished without a trace?

Find better solutions

Anti-malware plugins such as WordFence and Titan Security are a bit like security cameras: you don’t need them until you suddenly do, and often, people regret not getting a trustworthy service to begin with.

Inspect your current anti-malware solution, if you had one beforehand: Is it old, not updated or untrustworthy? Then remove it.

Take your website offline

A temporary solution to prevent permanent damage, and the last thing to do.
When you discover that your website has been hacked, it’s time to currently send it offline: by showing vulnerabilities, the hacker has essentially allowed easier access to other hackers that could be doing even more damage, steal your data or even destroy your website entirely. 

Let me repeat: the moment you discover your website has been hacked, you take it down. Doing so is like locking the vault in case of a robbery.

Use a website management service

In an older article, we mentioned the fact that websites are a bit like cars: the more you use them, the more worn out they become.

This is especially true if you have plugins installed (and let’s be honest, you do. Everybody loves a good plugin).

Would you go around with a car that is falling apart? No, it’s definitely not a safe choice. Plus, having an old car means that it would be easy for people to break into it: after all, the longer something is around, the more people will try and find a way to break it apart.

Just like a car, you can keep you website updated and secured by hiring web management services: this services will set you back around £500 a month on average, but the safety you get is immense:

It essentially ensures that your “old car” gets no broken or weak pieces by regularly updating and testing every cog and wheel, so that you can drive around without the fear of a breakdown.

A web management service is also ideal for those who have been hacked: we will investigate and figure out if there are issues, missing assets or malicious redirects anywhere on your website, so that you can gain back some peace of mind while a professional can fix any issue a hacker has given you.

Keeping your website up-to-date is critical not just for hack prevention, but for its effectiveness and performance.

An updated website is faster than an outdated one, and a web management will also save back-up files in case of damages, losses or worse by hackers.

Topflight offers web management services that are renowned by customers for its efficiency and brilliance.

Conclusion

It’s stressful and annoying and you may even wonder what you have done to deserve it.

Don’t worry, being hacked is something that happens to the best of us. 

The truth is, it’s almost an experience every digital marketer will have at least once in their professional lifetime.  

Once your business grows in size, consider introducing a support team to your staff list. These people can really put your mind at ease, knowing that you will have back-up no matter what you do.

TABLE OF CONTENTS