First off, if your site was hacked, you have our sympathy. It's really frustrating, not only because it's troublesome to your visitors, but also because it's really difficult to completely remove the hack.
There are many ways to resolve the issue, but we're going to cover the fastest and easiest way to fix your website.
If your website was hacked, it means someone gained access to your website's files and did something horrible like inserting malicious code (known as "malware") into them.
You can fix the issues in many ways, but we're going to cover the most basic.
Change your passwords
If your site was hacked, immediately change all of your passwords. To ensure your site doesn't get hacked again, you should use a strong password.
The passwords to change would be linked to:
- Customer area. It is possible to gain access to your websites' control panels via the customer zone.
- Control panel. This provides direct access to your hosting content.
- FTP. This provides access to your website files.
- Database and users. The database stores information from your site, including the users that have access to it. If these were compromised, someone will have access to it at all times to make changes.
Remove the malware
Unless the hack was a simple defacement, it's almost impossible to remove all traces of a hack by hand. It would be best to consult your web developer to look for anything suspicious in the code and remove it.
Restore a backup
If you have a backup of your website (and database) that you know wasn't corrupted, you should re-upload it to your hosting account. cPanel creates backups automatically but only keeps them for a limited time before they are overwritten with a newer backup. The Website Panel (WSP), Helm and Plesk platforms do not offer this, so it is in your best interest to make and keep backups after a change is made to your site.
The most common case we find is where customers have outdated versions of a CMS, e.g. WordPress and Joomla. When an update is available, it means that fixes and changes were made to improve security and performance. When the newer version is released, changelogs describing what was done are made available to the public. That public includes hackers, who now know what the vulnerability was in previous versions, making it easier for them to gain access. This also applies to the plugins used in building your website.
Below is an example of how you can update your WordPress version and all plugins that are being used to run your site:
The first step would be to log in to your admin area by browsing to www.example.co.za/wp-admin (example.co.za would be your domain name).
You should see a screen asking for your username/email address and password. Please note that to log in to this page, someone had to have created a user account. This is not necessarily the email address and password that you created in your control panel.
If you log in successfully, you should see a page showing how many outdated items there are.
There are many places within the admin section to perform the update but the easiest would be to click on "Updates" below the "Dashboard" section. Select everything that has an update available.
If you are not hosting on the cPanel platform and require a restore to be done, a charge of R500 will be issued for every hour of work it takes to restore it. It is always best to keep a copy of the backup after any changes are made to your website. This way you can immediately restore everything that was impacted.