Hacking used to be something that happened to other people but recently we’ve come into close contact with a couple of hacked websites.
How do you know if your website is hacked?
If you come across this message on Google: “This site may be hacked” then chances are your website has been hacked.
What to do if your website is hacked?
Act fast. No-one wants to visit an unsafe site on the world-wide-web as it may mean that their computer becomes infected too.
- If you are not the website owner, you should inform them. They will need to notify the web designer.
- Check that security software is installed in the website to stop future risk of hacking. We work with WordPress websites, and a simple plug in called Wordfence notifies us when someone has logged in and when plugins need updating (these should be updated regularly for security).
- Make sure you have backups of your website. In WordPress, we use Backup WordPress which automatically runs daily backups of the site. For one client, we download a weekly site backup, however a lot of web designers hold automatic backups on their remote server.
- Change your password
- Log into the Google Search Console and use Fetch to see what the issues are
- Get your site scanned & cleaned of all the hacked content, we use a great company called 3D Pixel who offer a service called Salvage my site. They were able to remove tiny scraps of data and also detect how the hackers gained entry and secure your site.
- Submit a request and review in the Security Issues section in Search Console when your entire website is clean and secure. After Google check that your site is fixed, they’ll remove the “This site may be hacked” message.
Google is not going to rank websites which are unsafe so it is best to get it sorted as soon as possible. Once your site is back up and working you should keep a close eye it to make sure you have properly fixed the issue and the hackers cannot regain access to your site.