Help, My Website Has Been Hacked!

You may have been informed by Google, your webhosts or a visitor that your website is unsafe or unavailable. The website might look OK or it may have been de-faced ie shows a message from whoever claims to have hacked you. There's a number of things needed to stop the website remaining vulnerable including stopping traffic to the site (often malware on a website will drive visitors to a page that then generates spam emails), scanning for infected files and removing out of date software.

Why Websites Are Hacked

The term hacked can cover a number of scenarios including:

  • website was exploited due to out of date extensions, plugins, core software or server software
  • passwords were weak
  • poor security was used
  • brute force was used

Fixing A Hacked Website

There's countless articles about steps you might take to fix a hacked website. Every one of these may be beyond your skillset, and why not? You may be the website owner who had the website built by a company or individual. Your job may just be to update content.

Fixing a hacked website or removing malware can be tricky, involves a number of steps and you may need to check back a number of times to ensure everything really is OK. We've seen defaced websites, whole websites deleted, files overwritten with spam code, sub-domains created with pages made to look like Paypal, iFrames injecting external code into a page, command-line hijacks and more.

Many issues can firstly be addressed by identifying what the exploit was. Helpful webhosts can lockdown your website, provide a scan of infected files and may even take steps to remedy the issue, including rolling the website back to the last known good backup. But that may only get you back to the place where the vulnerability existed, and then the software needs updating, scans need to be done to confirm no files are infected and security measures put in place to minimise future vulnerabilites.

What We Can Do

This isn't an article that is going to promise we can fix any hack or vulnerability in your Joomla or WordPress website within x hours. We are quite capable of going through a checklist of steps including, re-installing or updating core software and more. 

We will deal with your webhosts and help lockdown the website to prevent visitors triggering nasty code. We will, where we can make updates. What we will also do, in a timely manner is to refer to experts further up the line whose job is solely to fix hacked websites, such as myjoomla.com. They will ask some difficult questions and we can help provide them answers, logins and also receive back information about the newly secured website after it's fixed.

Plan Of Action

While we may not be able to fix every hack or exploit of your website, we know people who can, and we are happy to talk to them on your behalf. 

Contact us, for more information.