Your website's been hacked - now what?

By Mari Roelofse - 4088 views

Being hacked is an emotional thing, within seconds you become incredibly vulnerable as someone sitting behind a computer can suddenly do as they please with your website. Unfortunately this is not an uncommon occurrence; it happens quite often, to large and smaller companies alike – something to keep in mind before you head into a state of panic. The important thing is to take action and implement changes to decrease the chances of it ever happening again.

 

 

 

There are countless ways in which a hacker can get into your system, and countless ways for you to counter attack, but knowing the basics may be of just as much help. If you are informed on the subject, it may put you at ease and aid your IT department or host in taking care of the matter.

Begin by running a full local anti-virus/malware scan. If possible, identify the machine which was hacked. If you do not host the website yourself, call up your hosting provider and alert them of the situation. Make backups of your files and have someone investigate them at a later stage.

You might have changed all of your passwords, but if the cookies on the hacker’s computer are valid. You will have to change your secret keys in order to disable these cookies. If you are running a Wordpress site, visit their key generator to get hold of a new set of keys, and then you can overwrite the old ones in your wp-config.php file.

 

Make your website difficult to hack by implementing the following steps:

 

  1. Change your passwords at least once a month. It is also vital to conjure up complex passwords which make use of upper and lower case, symbols and numbers.
  2. Never keep a document on your computer which is labelled, or contains the words ‘password’ or ‘username’. This is the easiest way for hackers to access all of your accounts and cause havoc. If you struggle to remember passwords, make use of an app like 1Password.
  3. Do regular updates to ensure that you have the latest version of your operating system available. This way your software can detect and disable most of the latest hacks.
  4. Consider using source as opposed to open source CMS. However, if you are using open source CMS, make sure that you always have the latest version installed, ensuring that all your plugins are up to date.
  5. Avoid investing in low budget hosting plans, as the more costly plans also tend to have all the latest updates in terms of potential threats.
  6. Do not keep client lists on the server; rather access them remotely when you need to. Otherwise your clients may receive spam from the hacker in question.

Hacking has intensified in recent years, becoming so sophisticated that it is not easily avoidable. Companies hacked in 2013 include Microsoft, Apple, Evernote and even the CIA. Although hackers are known to be malicious and destructive, there are those who do not cause any harm. You may be able to distinguish between these, but the threat of an outside having access to your website or personal information is chilling.

People may hack your website for a number of reasons; it could be to link your links back to their own website, to steal your website traffic, to force unwanted content on your site or to take valuable information from you. Rather implement the steps you can to prevent hacking and in the event of a successful hack, remember the steps to take in order to get rid of the problem.

 

Mari Roelofse is a Digital Journalist & Content Editor for Sound Idea Digital | mari@soundidea.co.za | Sound Idea Digital | www.soundidea.co.za


   

[Back]

blog comments powered by Disqus