Seeing first-hand that your precious investment has been hacked can be a terrifying experience. This fallout is serious, considering the amount of work and money you have put into. What do you do know?

Who Hacks Websites?

The internet is overflowing with individuals who are on the hunt for ways through which they can destroy and steal vital information. The reasons why people do this are many. Websites sometimes get hacked because hackers wish to gain access to people’s personal and financial information. They also get hacked because the attackers want to use them as repositories for malicious software. Unwary visitors to the sites are subsequently infected and pass the malware around. Lastly, websites get hacked because hackers have a vendetta against the company or are paid for by competitors. Yes, you heard me right. Although this usually happens with larger firms, the risks of losing your investment, especially in this era, is immense.

Do This Immediately…

If your website has been hacked or compromised in any way alert your hosting provider immediately to ensure your site is not, literally, “spamming the world”.

A suspension will prevent any further hijacking of your content and sometimes it will protect your domain’s integrity and also limit the damage already done. Damage that has affected your site, emails, and the server’s reputation you are hosted on. Which in turn affects other sites and email accounts on that server potentially for days! These are business impacting issues that you and your host can do without.

These 3 Things May Have Caused The Hack

1. Your website has been neglected. If your Content Management System (CMS) such as WordPress, Drupal, or Joomla is not updated frequently, you are leaving security holes everywhere. These are easy access points by hackers because they know the vulnerabilities by heart. They even have the documentation for vulnerabilities!

2. Your forms are not Secure. Your contact, order forms or blogs do not have adequate robot security. You need a RECAPTCHA or HoneyPot installed on contact forms, order forms, and if you have one…your blog.

3. Your passwords are weak or used everywhere. If a hacker cracks your password, they will often attempt to use it on other parts of your hosting. For example, if they get your email password they’ll try to use it on your website editor. Also, you could be using a weak login password to your website or one of your other administrators could have a weak password. Or you may have outdated administrators that need removing entirely.

What To Do Next

Scan your site for malicious content and ensure it is removed. Your web developer will know what to do (and we hope they do). You may need to restore an earlier backup that has not been compromised. However, this is not always a solution as the malicious code could have purposely been laying dormant for weeks or months before being activated. In other words, your backup may also be infected!

Make sure they do the following and don’t attempt to do it yourself:

  1. Update the core system, all plugins, and themes to the currently supported versions.
  2. Remove any unused plugins and themes – this will also help your site run more efficiently.
  3. Ensure you have a RECAPTCHA or Honeypot installed on your sites contact and order forms. These fend off hackers robots from using your forms to send Spam.
  4. Change your CMS login/WP-admin, cPanel, and email passwords regularly and to very STRONG ones. And remove old administrators and users that may have worked on your site in the past.
  5. Scan all computers used to access your website editor for any viruses. Ensure they are clean and the OS (Operating System) is up to date…the hacker could have got in this way (through a virus on your computer) and cracked your website and CMS admin password, or your cPanel password, and/or your email passwords!
  6. Do a forensic analysis to detect where the hack happened and apply possible patches.

The BIG Lesson

If you update your websites plugins and themes regularly and use strong passwords then this makes it difficult for nasty activity to be attracted to your site. But if you don’t update your site regularly and use weak passwords then it makes your site very vulnerable! This often creates a multitude of painful and costly issues for your business.

It’s much like owning a car – if you don’t maintain it the chances are it will break down sooner rather than later and the repair bill will be much much higher than a regularly scheduled service!

A regular update schedule is so important

You have a website live and on the web for a reason…for you to attract the right kind of customers who will use your products or services or information. Don’t risk unwanted activity by not setting up a regular update schedule.

About Bwired’s Rhyno Cloud

High-Speed Hosting, Cybersecurity, Maintenance & Support – All in one!

Rhyno Cloud is an enterprise, fully-managed service plan that allows your organization to receive hosting, support, updates, cyber-attack monitoring and cleanup, custom development, and reporting for your system for a fixed monthly cost.

Our fully-managed service plans are built and maintained by a team of experienced WordPress, Drupal, Joomla Web and Mobile App developers, server experts, and cybersecurity professionals.

Has your site been infected or you want to make sure you are protected? Visit Rhyno Cloud for more info.

About Bwired Technologies

Celebrating its 10th year, Bwired Technologies empowers digital leaders by creating competitive advantage through the design and development of robust web, mobile, and digital solutions. The company’s Rhyno Cloud™ also integrates high-speed hosting, cybersecurity, maintenance and support into one fully-managed solution. Visit Bwired.ca

About Dan Duran

At the dynamic cross-section of Digital Technology, you’ll find Dan. An experienced technology strategist with a strong understanding of business and agile software management. Dan founded Bwired in 2009. He holds an iMBA degree from the University of Illinois, a bachelor’s degree in Economics and Business Administration from Wilfrid Laurier University, and a Software Product Management Specialization from the University of Alberta.