My web site was hacked – Now what do I do?

Infected website? Please pass this along to anyone you know who has been hacked recently.

I provide free phone support as well, so if you find any of this confusing just call me, (619) 479-6637

 

“My website was hacked. How do I fix or repair it?”

 

1. Change all FTP passwords, email passwords and passwords for any administrative portion of your web site.

It is possible your password has been comprised or stolen from your computer. After changing your FTP password it is important that you do not save your password within your FTP software, web design software, or in email. In other words, write down your password on paper and do not save in your software (at least for the next couple of months).

Important:
– If possible use FTPS from now on (if possible).
– Set up SSL for any administrative pages on your web site.

A great percentage of hacked web sites are compromised due to clients not using encryption. And it is also possible your computer may have a virus which monitors keystrokes typed directly into your computer or sniffs passwords as they pass through your network or computer. Network sniffing can be avoided by using FTPS and will help prevent easy access to your passwords.

 

2. Run a full antivirus scan on all computers which may have either stored your FTP username/password, or are used to publish your web site files. I recommend installing these:

http://www.malwarebytes.org/
Excellent malware scanning software, with a free download option.

http://www.microsoft.com/security/default.aspx
Start with Microsoft’s website for free or low cost security options.

http://download.cnet.com/windows/internet-security-software-suites/
CNET writes fairly current reviews on the latest antivirus apps. I would start here.

 

3. Ask your web site designer to review all web pages on server and compare them to what your web designer has on his/her computer.

Re-upload your web site from your local copy if possible (since your web host’s backup may include hacked files as well).

 

My website was hacked
4. Apply the latest patches to your content management system.

A content management system, WordPress or Joomla, may have plugins or components which require updates as well. Make sure to update those as well.

Within WordPress, see Dashboard -> Updates. The “Re-install Now” option may help to clear some hacker files as well.

 

5. Do not use your main account password for FTP.

If your account includes a control panel which allows you to set up additional FTP accounts, set up an alternate FTP account for public_html (your web site’s home directory), and use that instead.

 

6. Review these web sites for tips and information:

First review http://unmaskparasites.com
Then review http://sites.google.com/site/webmasterhelpforum/en/faq-malware-and-hacked-sites

 

7. Is Google blocking your web site?

http://www.google.com/safebrowsing/diagnostic?site=http://google.com
*When the page loads, replace “google.com” with your domain.

 

8. If your site was marked as harboring malware, and you’ve since cleared out the hacked code, log into your Google Webmaster account:

https://www.google.com/webmasters/tools/home?hl=en

Click the “Request a review” link within Google Webmaster Tools.

 

 

9. Other Services:

For Bing and Yahoo, see: http://www.bing.com/toolbox/webmaster/
Bing Webmaster Tools, Malware Review Request Form
Below was the old Bing and Yahoo review request form. May still be active and usable.
https://support.discoverbing.com/eform.aspx?productKey=bingcontentremoval&ct=eformts

Then, look for these specific options, “What type of problem do you have?” -> “My site has a malware warning -> “The malware has been removed” -> and fill out the remaining information boxes as best you can. Then click the “Continue” link at bottom.
Trend Micro Internet Security has blocked my website?
If Trend Micro Internet Security lists your website as dangerous, and you know this is not the case, see http://global.sitesafety.trendmicro.com/
Norton Antivirus has blocked my website?
How to request Norton Antivirus unblock your website involves going to Norton Safe Web and submitting your site for rating or re-evaluation. See http://safeweb.norton.com/help/site_owners
AVG Antivirus has blocked my website?
How can I check whether AVG Antivirus is blocking my website? See http://www.avg.com.au/resources/web-page-scanner/

 

 

 

 Website Warnings Wall of Shame

 

Chrome: Danger: Malware Ahead!

Chrome: Danger: Malware Ahead!Danger: Malware Ahead!

Safari | Warning: Visting this site may harm your computer

Safari | Warning: Visting this site may harm your computer

Chrome: The Website Ahead Contains Malware!

Chrome: The Website Ahead Contains Malware!

 
Google | Warning - visiting this web site may harm your computer!

Google | Warning – visiting this web site may harm your computer!

 

Summary
Article Name
My website was hacked - Now what do I do?
Author
Description
My website was hacked - Now what do I do? Internet and website security expert Jim Walker shares his advice for repairing your hacked or infected website. Solid tips to get you back on track and information on preventing hacks or malware infection in the future.

Please feel free to comment via WordPress, Twitter, Facebook or Google+