Over the years, I have offered a ton of tips and advice on how to protect small businesses from data security issues. But let’s face it, no matter how well we protect our data, the hackers are always going to be ahead of us. So there is always the potential of having a data security issue, and one of the most common problems small businesses face is website hacking.
If you are running a content management system like WordPress or if you have an e-commerce shopping cart, it is crucial that you keep it updated with the latest security updates, back it up regularly, and take steps to protect it such as utilizing a firewall, malware/virus detector, etc. Most hosting companies will offer these products for a small monthly fee, you can buy them yourself, and/or WordPress has many security plugin offerings for free.
Of course we all get busy, especially in a small business, and sometimes we just let things slip. So what do you do in the event your website is hacked?
I recently ran a test with WordPress, and based on my experience, it should take you 24 – 48 hours to get your website clean and up and running again – assuming that you have a cooperative hosting company. Here are the steps you should take.
Step 1 – Confirming you’ve been hacked
You need a way to be notified your website has been hacked. Many hosting companies will notify you, but you are on their timeline. So to ensure you are covered, you should also make sure your website is setup with a Webmaster Tools program like Google. Google will notify you when your website is hacked, and they do it fairly quickly. In fact they will even mark in the search engine results that your website may have been hacked so you want to fix the issue asap.
Step 2 – Contact your hosting company
Don’t panic! If your hosting company didn’t notify you, then you need to notify them as quickly as possible. If you are setup with a Webmaster Tools program, you should have some information on the type of hack, a list of the website pages affected, and when it occurred. Most hacks are going to be one or a combination of all the following types: install of virus/malware on your website, redirect links to spam websites, and/or an attempt to access/steal information.
Step 3 – Remove it
In most cases if you didn’t already have some type of protective service installed on your website, your hosting company can either install one and clean it for you or they can provide you with a list of the affected files for you to manually delete via FTP. Once you think everything has been removed, either run the scan or have your hosting company run another scan to verify.
One thing to consider – Ideally you would have had a backup, and you might just be tempted to delete everything from the beginning and start all over. This can be a lot of work so I wouldn’t necessarily just jump to taking this step. Let’s say you had 100 files affected on your website. In reality with an FTP program, it will only take you about an hour to delete those files, and hopefully the damage will be minimal. In my test with WordPress, I had 78 infected files. Once I deleted those files, I only needed to reload my WordPress theme, and I was back the way I started. Either way though make sure you have a backup in the first place, and back it up on a regular basis.
Step 4 – Fix it
Once you remove all of the hack instances, you’ll then need to go about fixing the issues that allowed the hack in the first place. The first thing you want to do is upgrade since this was the most likely issue allowing the hacker to access your website. Using WordPress again as example, you’ll need to update the WordPress version, all plugins, and the theme. Once you’ve upgraded everything, if you didn’t have any type of website firewall/virus/malware scanner, then get one. It’ll go a long way towards preventing you from ever having to endure this headache again.
And that’s it. Remember don’t panic. It may look daunting at first, but in reality if you have a good hosting company and you are backed up, you can actually fix a website hacking issue fairly quickly.
About the author
Trey Wilkins, the founder and CEO of Wilkins Consulting, has over 19 years of technology, data security, and marketing management experience. He specializes in helping small businesses secure and improve their IT infrastructure enabling them to protect their data, improve efficiencies, and cut costs. Trey can be contacted by phone at 478.227.3585 or through the contact form on his website.