I managed almost two years without experiencing a cyber attack on this website but a couple of months ago it was hacked. EEK!!
The first I knew about it was when a fellow blogger flagged up a dodgy looking link embedded in my header (thank you SO much Samantha from North East Family Fun). It contained a word of a sexual nature!! Aaaahhh! HELP! How on earth did it get there? What should I do? It was a horrible feeling and a bit violating, like a burglar going through my knicker drawer or something. It didn’t help that I was overseas at the time without my laptop. I felt completely helpless.
I finally got it sorted with the help of some I.T experts my husband knows but I had a good few days of stressing and contacting my host and WordPress to try to figure out how to sort it and worrying that I may have lost much of my content as I didn’t have my site backed up.
It was probably a simple fix for a technical expert but for someone who has little clue about the internal workings of websites it felt like a really big deal. Last month my website got hacked AGAIN prompting me to take more permanent action. From my experience and investigations, here’s what you can do if you think you may have been hacked. I use WordPress but I am sure much of it will apply to other publishing platforms.
What to do if you think you’ve been hacked
1. Check your site from an external source and see where the breach has occurred. Hackers are sneaky, I couldn’t see the offending link from my devices or from my WordPress preview screen. It also was not visible in the mobile version – just the desktop. When I eventually opened it from a computer it was there in all its glory.
2. Back up your site! (More on this below)
3. Contact your publisher – in my case it was WordPress. They were pretty good at responding and making suggestions about what I could do but couldn’t fix it themselves.
4. Learn some basic coding skills OR get friendly with some techie people!! That is what I did! Thankfully, they were able to help and I have no doubt it would have taken them a matter of minutes and I am eternally grateful.
5. Contact your host (in my case it was FatCow). They confirmed I had been hacked and gave me suggestions on what to do and how to prevent it BUT I had to purchase a package for it to be resolved. This is what I did after the second hack attack and it was dealt with swiftly.
6. I recommend taking down your site until it is fixed or your host may automatically do it to prevent blacklisting. If search engines like Google detect malware on your website they may blacklist you, damaging your reputation as well as your search engine rank.
7. If you have backed up you site, delete the infected site and republish your site.
8. Change your passwords on your publishing site and the log in on your host site too.
How to prevent a hack attack in the first place
1. Ensure you have strong passwords (using a mix of capital letters, numbers and special characters).
2. Update your site with the most recent plugins, the latest WordPress version and any other software is updated. If it is running old programs it makes it vulnerable and easier for hackers to get through. I am pretty certain this is why my site was attacked.
3. Install a security plug in. I have since downloaded the free WordPress plugin Sucuri which notifies me whenever someone has unsuccessfully logged onto my site. Although they can’t stop a hack attack, at least I get a heads up when it looks like it is under attack.
4. Make sure you have backed up your website. Thanks to Aby at You Baby Me Mummy, I have discovered there is a plugin for this – Updraft Plus.
5. Scan your personal computer with good antivirus, antispyware programs.
6. My host recommended I purchased an extra security package, SiteLock. After getting hacked for the second time and two days completely off line because my host had taken it down, I purchased SiteLock + 911 which didn’t need me to have a backup of my site, removed the malicious code and conducts regular checks. In fact, I have since had another two attempted hacks which have been prevented. Hooray. In my eyes, definitely worth the small amount of money I paid.
Have you ever been hacked? What did you do and what other advice do you have? Would love to hear your thoughts and I am sure I can’t be alone.
How about pinning it for later?
So sorry to hear that you were hacked twice – what a horrible thing to happen but so glad that you were able to sort it out and thank you for sharing your tips on what to do and how to prevent it. Will have to check out some of those plug-ins and add-ons.
Louise (Little Hearts, Big Love) recently posted…The Friday Focus 18/09/15
Thanks Louise, wasn’t a nice experience. Hopefully these tips will help others. Have a great weekend xx
This is always a worry of mine so thank you for this. I will be definitely installing the security plugin x
Life with Six Kids recently posted…Ten tips to declutter your home
You’re welcome. It was a pretty nasty experience xx
What a horrible experience – I will definitely check out those plugins. I have a few others running, a couple to prevent bulk attack as well which is something I have had and the site was taken down briefly because the repeated attempts were overwhelming the server…
Cathy ( MummyTravels ) recently posted…Where to eat in London – the insider tips
Ooh – what are the plugins for the bulk attack? Sounds nasty! Glad it all got sorted x
Great advice. I will look into these plugins. Thank you for writing this post. Kirsten
Kirsten Toyne recently posted…Freedom-Letting go of our children
You’re welcome Kirsten. Hope it helps x
Oh I can’t imagine how upset you must’ve been – it is such a violation of everything that you’ve put into your blog. Some great tips here.. I use Updraft Plus which is great for backing up but I need to look into that Sucuri. Thanks for sharing and so glad you managed to get everything sorted in the end 🙂 #TheList x
Mum in Brum recently posted…Things you learn by 30
Thank you! It was all a bit stressful but thankfully managed to get it sorted and not lose any of my content. Xx
Hi Elizabeth, pots like this are so helpful, but also quite scary too as it brings home the risk of being hacked is real!
Luckily so far I’ve not been hacked and I’d probably have a melt down if I did. I do get my site backed up daily on BlueHost and so far they have always been a great help when I have needed it (oh and I’ve needed it!). In my mind I have also planned the second phone call I would make in the case of being hacked (a nice chap who calls himself the PC Dr. He is totally unaware of this, but he’s always sorted our PCs out quickly and without fuss).
A really great post with great advice. Thank you for sharing.
#PoCoLo
Debbie recently posted…Oh Me, Oh My! I’m Back From My Unscheduled Break…
Thanks Debbie and for sharing. Always good to have a PC Dr on stand by if ever needed. Well done on backing up your site – I learnt the hard way. Will have to check that link. Xx
thanks for this advice, I’ve only just transferred to self hosted and haven’t contemplated yet the possibility of being hacked – I will certainly be speaking with my techie friend next week on getting this fixed!!!
Keri (Baby Globetrotters) recently posted…Family Flying Airline Review: Qantas
Techie friends are so valuable Keri!! Lucky you for having one to hand xx
This is something that concerns me on a regular basis! Such a useful post lovely – and definitely one that is needed for many people. Off to pin 🙂 Thanks for linking to #PoCoLo x
Verily Victoria Vocalises recently posted…Post Comment Love and Newbie Showcase 18th to 20th September 2015
Thank you lovely. It really is rather scary! Xx
How scary. I would have been in bits not being able to do anything about this straight away and then to have it happen again! Great tips. You’ve certainly made me think!
Claire at Tin Box Traveller recently posted…Five budget family days out in Essex
Thanks Claire! I didn’t see it coming at all and had no idea what to do. Hopefully these will help! Xx
Very informative post! I’ve never tried been hacked YET! but I’ve notice a lot of unsuccessful logins which I tried to block every time I see one. I have installed that Updraft Plus now to backup my website too just in case. Thanks for sharing! #bigfatlinky
Thanks Cheryl. Glad you found it helpful!! Good to keep track of the log ins! Xx
This is so frightening! I’m glad to hear WordPress was helpful & your hosting company & that everything was resolved. Thank you for the tips & good advice here! #bigfatlinky x
Becky, Cuddle Fairy recently posted…My Week at a Glance 18
You’re welcome. Hope they can help others! Xx
What a horrible experience! Glad you got it sorted and thank you for sharing your experience so it helps others. (Will go back up blog in a moment!) #thelist
Mrs Tubbs recently posted…Hello Mum! The Tubblet Gets Ready for the Rugby World Cup. #mysundayphoto
Really hope it does help others – don’t want them to go through what I did x
This is such an informative post – thank you! I have literally just gone self hosted so still a bit clueless but I have just downloaded Updraft at your recommendation – thanks for sharing! #bestandworst
Talya recently posted…10 ways being a mum is like being in a reality TV show
You’re welcome! So glad it helps. Welcome to being self-hosted. It’s the way forward! Xx
Living breathing nightmare! I get so lost with code. Thankfully not had this yet but I will purchase security if i make the jump to self hosted. Thanks for the great advice and thanks for linking up with #bestandworst.
Mama, My Kid Doesn’t Poop Rainbows recently posted…#BestAndWorst Linky Week #19
It was a bit of a nightmare, I won’t lie…pretty stressful! Thanks for guest hosting #bestandworst . You did a great job! x
admin recently posted…The Chedi Muscat, Oman