What To Do If Your Website Or Blog Has Been Hacked

Matt Smith 10-04-2012

what to do if website hackedEveryone wants to think that they won’t be hacked. Usually, they’re wrong. You don’t need to tempt fate by insulting Anonymous or documenting a particularly lulz-worthy obsession. Some hackers try to crack into websites at random as a badge of honor or to advertise their skills, so every site is at risk.


Small sites are particularly vulnerable. Joe Q. Blogger isn’t a security expert and, yes, may neglect to upgrade WordPress The Best WordPress Plugins Read More every now and then. So what happens if you blog does end up hacked?

Take A Breath

If you’re reading this, there is a chance that you just found out your site has been cracked like an egg. Take a deep breath. You can often recover from the damage that’s been done and it’s entirely possible that the problem exists not with you, but with your web host.

Check With Your Web Host

what to do if website hacked

Hackers don’t need to go after your specific site to deface it and, if they don’t hold a grudge against your site specifically, they often don’t. Instead they go after web hosts, looking for weak spots that allow them to deface hundreds or thousands of sites at a time.

I’ve personally experienced this. Someone hacked the web host of an old blog and caused every site on that specific server to re-direct to a “You’ve been hacked!” page complete with an instant messenger contact, presumably so the hacker could try and scrape money from alarmed site owners looking to reverse the damage.


Email or call your web host and see if they’ve come under attack. If so, there’s not much you can do besides wait. It’s rare for a broad attack against a host to wipe out data permanently, so your site should be back to normal shortly.

Survey The Damage

if website hacked

If your site has been specifically targeted, the damage is likely to be more severe. There’s still a good chance that the hacker will have only changed a few files in order to re-direct to a “You’ve been hacked” page, but loss of data is not unheard of.

Look at your file structure and see if anything is missing. Also open up configuration files for your blog and/or website and scan them for changes to their code. This is where a local backup becomes handy. You can use the local copies for comparison with the ones on your web host, which makes spotting changes to the code infinitely easier.


You may at this point wish to back up your site’s current state (make sure you don’t overwrite your existing backup!) This will give you time to look over the files later while minimizing downtime for your site.

Restore Your Website

If the problem is not your web host, restoring your site is up to you.

With a blog there’s an excellent chance that the attack only reached as far as your configuration files. This means that once you are able to restore those files your blog should work the same as before without any loss of content.

A website could be a different matter, depending on how you’ve structured it. Restoring your website may be as simple as drag-and-dropping files from your backup to your web host’s server using an FTP client Transfer Files by FTP with FileZilla Read More . It depends on how you’ve built the site – and since you built it, you probably know better than me.


If your database information has been compromised you will need to restore that, as well. Once again, a backup is invaluable and will turn a potentially crushing blow into a small setback.

Without any backups, your options are limited. Try Google Cache if you’re desperate. Any content that has been up for a week or more should be available, but you will still need to restore the rest of your site from scratch. Once again, blogs are easier. A re-install of WordPress can be accomplished in just a few minutes.

Update Your Security

what to do if website hacked

Once you’ve restored your website it’s important to make sure that it is secure. It’s possible that the hack exposed your passwords or introduced hidden code that can be used later as a backdoor. To ensure security, follow these steps.

  • Look through your site’s files to find any new code that has been introduced. If you don’t have time for that and have a local backup, use the local backup to overwrite the files on your web host.
  • Change all passwords. This includes the account you have with your webhost, CPanel (or any other back-end) and any databases on your web host. If the password you used for your site was the same as the password used by other accounts (such as your email), change them as well.
  • Run a malware scan on your PC and make sure a firewall is active. It’s unlikely, but possible, that the hack was made possible by a trojan on your local machine.
  • Update the software used by your site to the latest version. This will ensure that known exploits are patched.
  • If you’re feeling paranoid, try an intrusion detection system such as Tripwire or Snort. This is getting a bit far up the skill ladder, however, so implementing this probably is not worthwhile unless your site is popular.


As is often the case with computers, preparation goes a long way. If you have no backups of your database or critical files, a serious hack is going to leave you scrambling through cached webpages to find lost content. It’s a time consuming and unpleasant experience that will cause casual bloggers to give up and quit.

Backing up doesn’t take much time. We have several articles about it on MakeUseOf including a guide to automatically backing up WordPress Automate Your Wordpress Backup With Simple Shell Scripting & CRON Last time we talked about Wordpress backups, I showed you how incredibly easy it was to backup your entire database and files though SSH with only a few commands. This time, I'm going to show... Read More and a guide to backing up large SQL database files How To Regularly Back Up Your Large MySQL Database with MySQLDumper As I watch my own Wordpress blog grow in both posts and user comments, I'm starting to eye my growing database with a wary eye. What happens if the server goes down, gets hacked or... Read More .

Have you ever had your site hacked into?  What precautions had you taken to get your site back up and running as quickly as possible? Let us know in the comments below.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Terry
    September 26, 2012 at 12:18 pm

    What to do after the clean up?

    One of my sites was hacked recently. Malicious code and files were discovered during the clean up. I then started looking for some method of protection against this type of intrusion, but could find nothing suitable. So, I decided to write my own script. I’ve developed the script substantially since the hack and I’m now willing to share it in the hope that it will help protect other sites.

    The script will detect any file change on a web site and will email the results on discovery. It can be used to monitor 1 or many sites, all remotely. Full details are on my site:

    • Terry
      September 26, 2012 at 12:23 pm

      Also, if you are a wordpress user, I can highly recommend Wordfence plugin. Search for it in plugins

  2. Martha lee
    August 25, 2012 at 6:03 pm

    What if anything can be done if a former friend sets up a website for you then when the friendship ends locks you out and puts sex adds all over it. Other than outing them risking further attacks what can be done ?

  3. ila
    July 13, 2012 at 4:27 pm

    my blog (blogspot) and my gmail is should i do?

  4. Beauty
    July 11, 2012 at 5:22 am

    I have two sites. I have had incidents in which a couple of individuals have hacked into my computer just to alter my site and to just keep track of my site statistics and stuff. How do I protect myself from such occurrences? I am desperate. Thank you in advance. I just want to "lock" up my site from things like that.


  5. Oren
    June 3, 2012 at 6:52 pm

    Good article about a real problem, you can also use Kyplex services, in addition to vulnerability assessment and daily antivirus we have a unique snapshot service using built in file versioning mechanism and interactive diff, you can actually see what was really changed in your database and apply to your database only required changes.

  6. Ira
    April 28, 2012 at 5:59 am

    I would suggest that you sign up for an account with They provide free malware removal services on anybody hosted on there servers. My site was hacked at blue host and they were able to transfer it from blue host and also remove the malware injection for free!

    They were even able to tell me exactly where the hack originated from as well. They said it came from an outdated timthumb.php file which they were able to update for me.

    They also did a scan of my account and told me all the security vulnerabilities of my account.

    I honestly suggest switching over to them if your website is hacked. They can transfer and remove the hack from your site. Best of all they do this for free.

  7. Aswani
    April 11, 2012 at 6:41 am

    This is very useful information. Luckily, I haven't faced any hacking attempt on my blog. And also, I have heard that google blogger is more secure than wordpress when it comes to security. Thanks for these useful tips..!

  8. erol
    April 11, 2012 at 5:42 am

    My friend´s facebook account has been hacked; he has no acess to it, the hackers changed his email details as well. he wrote to the FB but there is no response how can he regain access to his FB account or delete it at once without FB help. It is easy FB to verify and correct this situation but they do not help.

    • Matt Smith
      April 15, 2012 at 8:57 pm

      I am sorry to say I can't provide you with much help. Facebook accounts can only be recovered using Facebook's approved measures - namely by contacting them. Hopefully they'll get back to you soon!