Cleaning Your Hacked Website

Although we specialize in WordPress sites, I’ve seen dozens of hacked websites over the years, and although there are millions of creative variations, there are pretty much four basic types of hacks that I’ve seen.

malware-on-websiteBackdoor:
A backdoor lets an attacker gain access to your environment to do anything they wish. They’re the most dangerous, because they can even delete your website, but they’re not all that common.

Drive By Downloads:
These are awful, and will download software right onto your user’s local machine.

People are gullible, and they’ll click “yes” and agree to anything, and end up with all sorts of malware and viruses. Again, these aren’t all that common.

Pharma Hack:
The pharma-hack and it’s many variants are very common, and they usually involve placing doorway pages on your website that end up getting indexed by Google.

7-13-2015 12-28-54 PMIt’s so named because in the beginning it only seemed to be pill sellers, but over the years it’s evolved to span all industries.

When this happens to you, your search results end up getting marked by Google in an effort to warn users away from visiting your site…

Malicious Redirects:
This hack redirects visitors to other domains, which then may deliver a malicious payload, like installing spyware and adware. Unfortunately, this is pretty common  and we see this one all too often.

How can you protect yourself?

  • Do weekly backups of your website
  • Store those backups somewhere other than your webhost
  • Upgrade your WordPress core as they are released
  • Upgrade your WordPress plugins as they are released.
  • Replace WordPress plugins that aren’t updated regularly
  • Remove unneeded software, FTP accounts, and database users
  • Make website maintenance someone else’s problem

What if you’re hacked already?

Here’s a very detailed guide to identifying and removing your particular hack.  It talks about the four types of hack,  and the various symptoms and methods.  Quite often, it’s pretty easy to figure out what’s been done and clean it up, but that’s just the beginning.

Besides cleaning up their mess, you also have to identify how they got to your site in the first place, and then patch that security hole, which can be tricky, and feel like a never-ending battle.  In most cases, it makes sense to $200, and have someone like Sucuri do it.  They’ll not only clean your hacked website, but they’ll keep your site safe for an entire year.

Leave a Comment