How to repair a hacked website

Sites are most often hacked through vulnerabilities in the website code, compromised Content Management Systems or by accessing the site via FTP, which is often linked to spyware or brute force attacks.

It is imperative that you repair and secure the website as a matter of urgency, as there can be serious consequences.

What should I do if my site is hacked?

  1. Remove the content the hacker uploaded to your website. This may be a complex process as it may not be obvious where or what the hacked content is. You may need the help of a web specialist or website cleaning services – find help here.
  2. Replace the hacked content with your local website copy. If you don’t have a copy of your website, your content and databases can be restored via the Restore Backup Tool. (Ensure that you are updating a backup version from before the hack – this is not always possible.)
  3. Update your CMS and review your site’s security. Please refer to the CMS provider’s website and forums for information on security patches and version upgrades. If you need any assistance in managing your website content and security, we can refer you to specialists in this field.
  4. Ensure that your website is protected against future attacks i.e. for a start, update the anti-virus software on your computer and change your FTP password. Use a security application such as Cloudbric WAF.

The motivation behind the site being hacked may be to engage in phishing or to send out spam. This kind of abuse associated with hacked websites is damaging to the reputations of your company and the hosting provider alike.

Assist Note

Further reading:

Sucuri: How to clean a hacked website with specific links to WordPress, Joomla, Magento and Drupal guides.