My Website Got Hacked: Here’s How I Fixed It
There are certain things you hope don’t happen to your website.
You hope that you don’t get spam comments, or that your server has an outage.
You hope that all of the functionality works at all times, and that it can be viewed on all devices without any bugs.
The biggest thing you hope (and pray) for, is a clean and secure website. Whilst we do everything we can to keep our website secure, hackers and bots are far more intelligent than ever before. They always find a back door.
Yes… My website got hacked.
Luckily, it wasn’t as bad as it could be.
I could have had content stolen, pages cleaned and links broken.
To show you exactly what happened, here is how my blog stream should look (see below).
The above is how my blog page should look. A nice visual, and a short breakdown of content around that article and share buttons.
This is what it looked like after the hackers got in.
Frustrating to say the least.
The good news is that the site is now fixed, but it wasn’t as simple as it may seem. With hackers becoming more intelligent, it becomes harder to protect your website.
I wanted to share with you exactly how I fixed my website after it got hacked.
Step 1: Restore The Site
Luckily for me, my team are working on my website daily so we were able to pinpoint the exact day that the website was hacked.
Because we use a hosting company who can restore the website from a previous date (thank you Nimbus) it made this step a whole lot easier.
I reached out to the team at Nimbus, and they restored my website to a few days before the hack was noticed.
This did mean that all content posted from that point, or any website changes made, had to be done again.
Step 2: Update Everything
Because you are manually restoring to an earlier date, you will need to update all of your plugins once this has been done.
If you use WordPress (like me) you may find that there is also a new WordPress update. It is so important that you update everything to keep the website running smoothly.
Step 3: Protection
After restoring an earlier version pre-hack, and updating plugins and website software, you now need to look at stopping this from happening in the future.
Nimbus (my website hosting software) was able to run a scan to find exactly where the malware was on my website which you can see below.
I also got Nimbus to run the scan after all updates had been made, to be on the safe side.
I will admit, this is something I didn’t have in place. Therefore I paid the price for this, so a lesson from me to you is – use a security plugin.
I have decided to use Wordfence on the recommendation of my website hosting company; Nimbus. Wordfence is a wordpress plugin that gives your website a firewall, and scanning for malware on a regular basis.
If, like me, you use WordPress to build your website(s), Wordfence is a great, free option for you to use. See below on how to install the plugin for your WordPress website.
I would love to find out what you do to make your website secure. Also whether you are finding it harder to protect your website as hackers/bots are becoming more advanced.