There are over 1 billion websites on the World Wide Web, with each website shutting down will grow many new ones at any given time.
Among the most asked questions regarding owning a website, is how and why websites are hacked.
For too many reasons, websites should be accessible to anyone in the world, at any given time. This is a big advantage since information can be delivered instantly. But the problem with everyone has the access to see your website, comes with hackers that may have an eye on it.
Different hackers have different motives for compromising a website. They include:
- Financial gain: Hackers can place spam links on your website or redirecting traffic.
- Stealing sensitive information: Information from your users are alluring.
- Delivering political/social message: Defacing as a form to emphasize a point of view and cause change.
- Malware: Hackers can inject malicious codes that may affect how your website works.
- Thrill-seeking or vandalism: Just for fun and the thrills.
Know When Your Website Has Been Hacked
If your website has been hacked, it would probably show some common signs.
They include: unusual traffic spikes, decreasing server respond, increased server activity and bandwidth usage, incoming visitors from unrelated search terms, people reporting malware, newly created accounts that have administrator privilege, altered database, suspicious pages added, and so forth.
Know How Your Website Get Hacked
There are plenty of possibilities, but the common reasons include: outdated technologies, software vulnerabilities, leaked or guessed password, unauthenticated administrator pages, unsanitized database queries, unnecessary open ports, and so forth.
Your website can also be hacked with the hackers in exploiting human weaknesses through social engineering. Hackers can do this using phishing or impersonation of a trusted authority.
Know What To Do When Your Website Get Hacked
The first thing to do, is to call a support team, if you don't have the right expertise. You (or the support team) needs a strong technical expertise that is also familiar with your website and its configurations. This can include your web developer and/or your hosting provider.
What do you see that leads you to a conclusion that your website have been hacked? When was the time you saw the issue? What actions have you done recently?
Put your website offline, blocking anyone who may want to access it. You may need to protect the main directory where your website resides in order to block both human and bot visitors from accessing your website while you and your team are working on a fix.
Working with a clean computer free from virus and malware, you can then engage with diagnostic attempt to know how your website was hacked, and do clean ups.
- Try to mitigate the hack by reverting to the previous working version by using your last but clean backup.
- Create a backup of your hacked website, and downloading it for offline inspection.
- Change your passwords for website logins, database, FTP, etc..
- Examine log files and other data to determine how and when the website was hacked.
- Examine software extensions to ensure they are using the newest version and have no known vulnerabilities.
- Review any custom software code.
- Cleaning your website and put it back online to see how it goes live.
It is very important to understand how and why your website was hacked, so you can properly clean it, and mitigate any future attacks. To ease your work in recovering your website, it's wise for you as a website owner or webmaster, to keep all information in a safe location, so you can access things quickly.