My site has been hacked, what do I do?

Firstly don't panic.

Then follow these steps.

  1. Change all passwords for all services hosted with us, that includes, control panel, FTP & email accounts, MySQL databases and CMS systems you host. make sure you use separate new complex passwords for each login.
  2. If you haven't already then open a ticket with us describing the site that has been hacked and any other information you may have that could help us, we need to see the hacked files in place ourself to understand the entry point of the hackers and gather evidence if needed.
  3. After we have confirmed you can proceed you should remove all website files from the site and upload a known good local backup (you are taking regular local backups aren't you?), if you don't have a local backup then we may have a backup prior to the hack attempt if caught early enough, but as we state in our terms of service our backups are not guaranteed.
  4. Restore your database from a known good version. If you must use the latest database data then you should manually check all database fields for data possibly inserted by the hacker.
  5. If you are using a common CMS like WordPress or Joomla then you should update it to the latest secure version and don't forget to update all third-party components.

Please follow our other security articles on how to secure your site once it is clean.

  • 4 Users Found This Useful
Was this answer helpful?

Related Articles

Why upgrade your cms?

It is important to update the software we use on the Internet (cms applications and web browsers)...

Securing your site

Typical attack vectors for hacked sites are the following: Insecure file and folder...

General Security advice

It goes without saying that securing your website is extremely important. Below are some best...

Securing WordPress

Here at ServWise, we see daily attacks on WordPress websites and regularly see sites being...

Limiting brute force attacks in WordPress

It is quite common for hackers to attempt random scans of websites for common security...