A couple days ago, we woke up to the one of the scariest possible scenarios that could happen to a blog owner. We were hacked. And we knew that in a matter of hours everybody would know this. We had the glaring red dreadful sign saying our site was an attacker site! This was terrifying to realize, but we finally resolved everything, and learned a lot along the way. We are writing this article to share what we learned in case any of you out there happen to experience the same thing…
WHAT IS MALWARE?
According to Google, Malware for those out there that aren’t aware, is “malicious code —for example, scripts or iFrames that pull content from another website that tries to attack any computer that views the page.
The term “malware” covers all sorts of malicious software designed to harm a computer or network. Kinds of malware include (but are not limited to) viruses, worms, spyware, and Trojan horses. Once a site or computer has been compromised, it can be used to host malicious content such as phishing sites (sites designed to trick users into parting with personal and credit card information). Some hackers may even take administrative control over a hacked site”.
Intentions of malware or badware may include: spam, stealing financial information, confidential information and passwords, attacking other computers, and networks, spreading malware, and tricking a user into buying something.
As daunting as all this may sound, Do Not Panic. It is a waste of energy (we learned the hard way) because there is a solution to your problem.
Again, this may sound counter intuitive, but as much as you may feel like it, DO NOT PANIC. Being hacked sucks royally yes, but there are answers, and you can have your site back to normal before you know it. There are people and resources out there to help you get started right away.
WHAT TO DO IF YOU HAVE MALWARE:
1). CALL YOUR HOSTING PROVIDER. They can walk you through step by step as they did in our case. (Shout out to GoDaddy). If your provider won’t help you at a time such as this, you may want to consider switching.
2). Make sure your site is upgraded to the latest WordPress (or whatever CMS you may be using) version.
3). Change your FTP and admin password and make sure the hacker didn’t create another user.
4). Make sure there are no added scripts or code left by the hacker, and that no modifications have taken place. (In our case there was added code in the .htacces file that redirected users to another site. We immediately deleted it the code). Save the added code in case you want to explain to Google in the future what you did to clean up your site.
5). Once you’ve removed all the malicious code and done what you can to clean up, go to Google Webmaster Tools and ask Google to review your site again:
The steps are: a). Log into Google WebMasters account.
b). Click on your domain name
c). Click on Diagnostics
d). Click on Malware
e). Click on request a review ( Sometimes you may have to wait a while before this option pops up (in our case a couple hours) because Google hasn’t gotten to your site yet. Just be patient. Remember Google crawls a gagillion (is that a word?) sites a day.
Once you’ve done all this check back often and if everything is in the clear, you will get a message saying your site is now clean and Google will be taking down the attack warning soon (Yay!). In our case it took a couple hours and then we were good to go.
HOW TO PROTECT YOURSELF FROM MALWARE:
1). Make sure that the software (such as WordPress) that you use, including all the plugins are up to date.
2). Change any default passwords that come with your software and make sure you regularly update them.
3). Remove any scripts and software you no longer use.
4). Make sure the file permissions you use are up to date.
Though the experience was trying to say the least, we did learn a lot. We learned what to do when attacked, and more importantly we learned steps we could take to avoid this in the future. We’ve included several links below to further educate you, and wish you all the best. Here’s to hoping you never experience an attack. If you do however have the unfortunate experience, you will at least be prepared and now how to resolve the issue.
Tips for Cleaning and Securing Your Website – stopbadware.org
How Can I Avoid Being Infected with Badware – stopbadware.org
About Malware and Hacked Sites – google.com
FAQ My WordPress Site Was Hacked – codex.wordpress.org
Preventing Malware Infection – google.com
Did Your WordPress Site Get Hacked – ocaoimh.ie
Hardening WordPress Security: – 25 Essential Plugins and Tips – hongkiat.com
What is Badware? – stopbadware.org
How to Completely Clean Your Hacked WordPress Installation – smackdown.blogsblogsblogs.com
What All You Need to do to Keep Your Blog Secure from Hackers – blogdesignstudio.com
11 Best Tips to to Secure Your WordPress Blog – softwarebuzzer.com