I think I've been hacked, what should do?
What to do when your website gets hacked
Jacqueline
Last Update 2 maanden geleden
If your website has been compromised, the first thing you should do is reach out to Igniter Digital for immediate assistance. We have the expertise to secure your site, investigate the breach, and restore your website to its previous state. You can contact us by:
- Phone: (731) 400-0595
- Email: [email protected]
- Submit a ticket: Click "Submit a Ticket" at the top of this page.
We'll take swift action to minimize damage and get your website back up and running securely.
It’s crucial to restore your website to a version before the hack occurred. Here’s how to do this on popular hosting platforms:
- Login to cPanel and navigate to the File Manager.
- In the File Manager, locate your website’s folder, usually in public_html.
- Download a Backup:
- If you have regular backups, go to Backup Wizard or Backup under Files and download the most recent clean backup.
- Restore a Previous Backup:
- To restore, click on the Backup Wizard > Restore, and select the backup file you want to revert to (usually the one before the hack occurred).
- Database Backup and Restore:
- Navigate to phpMyAdmin under Databases.
- Export a clean database version or restore a previously backed-up version from the Backup Wizard.
2. Managed WordPress Hosting (e.g., WP Engine, Kinsta, SiteGround)
- Login to your hosting dashboard (e.g., WP Engine, Kinsta, or SiteGround).
- Go to the Backup Options in your hosting dashboard.
- Select the backup from before the hack (your host usually creates automatic backups daily or weekly).
- Click Restore to roll back your website files and database to the clean version.
3. Bluehost
- Login to your Bluehost account.
- Navigate to the My Sites tab and select the website that was hacked.
- Under Manage Site, go to the Backup tab.
- Choose a backup version prior to the hack and click Restore.
4. GoDaddy
- Login to your GoDaddy account.
- Navigate to My Products and locate your website under Web Hosting or Managed WordPress.
- Click on Backups, select the appropriate backup version from before the hack, and click Restore.
Step 3: Change All Passwords
After reverting to a clean backup, update all passwords related to your website:
- Admin Panel: Change your website's admin password.
- Database: Change your database password through your hosting control panel.
- FTP Accounts: Update FTP credentials.
Step 4: Install Security Plugins
To prevent future hacks, install security plugins like:
- Wordfence
- Sucuri
- iThemes Security
These plugins can help monitor suspicious activity, protect against attacks, and keep your site safe.
Step 5: Review Users and Permissions
Check for any unauthorized users in your WordPress admin panel or hosting dashboard and remove them. Verify permissions to ensure no one else has access.
Step 6: Update All Themes, Plugins, and Core Software
Outdated software is one of the most common vulnerabilities for hacking. Make sure you update your WordPress version, plugins, and themes to the latest versions.