This is the scary sight that greeted me when I visited one of my web sites last week
click on the images to open and enlarge them in a separate window
Shock turned to panic when I began to check my other sites and found that every one of them had been hacked too.
Thankfully, I have the support of my excellent hosting company D9 Solutions Ltd who were able to quickly restore my sites from the backups that they had taken before the breach occurred.
Other than a couple of days of stress and worry the damage was not terminal and now it is “business as usual”!
But what can you do to protect yourself from suffering at the hands of the hackers and save yourself the stress and potential financial loss that a nasty incident like this causes?
My number one tip is to choose the right hosting company.
When an incident like this happens you need the help and support of a responsive web host. I have opened several support tickets with D9 during the last week and every one has been dealt with quickly and efficiently. Unfortunately hacking incidents like this are a common occurrence so a good web host will have plenty of experience and will be able to restore your web sites for you.
You can find out about D9 hosting by clicking here
Tip two is to make sure that you update all scripts that you run to the latest stable versions and remove any that are inactive. The vast majority of breaches occur due to out of date scripts. It only takes one line of badly written PHP code for an attacker to gain access (information supplied by D9)
If you are running WordPress sites make sure you update to the latest version of WordPress (currently version 3.5.1) and also keep your themes and plug-ins updated too.
The next step is to run a full anti-virus, malware and spyware scan on your computer. Hackers often gain access to your websites by infecting your local machine first.
Some popular free tools that I use myself:
Anti-virus
Anti malware
Anti spyware
Registry cleaner (avoids the build up of crap that can clog and slow down your machine)
http://www.piriform.com/ccleaner
On a lighter note!
The hackers also left me this rather apologetic page which explains that they are just testing my security!
Very helpful of them I’m sure!!
Please share
Please share your hacking experiences and any tips to beat the hackers by leaving a comment below.
Talk soon!
 | Want 5 easy side hustles? Get your FREE guide: "5 Easy Etsy Product Lines You Can Do Right Now!" |
.jpg)
I did away with AVG long ago although at the time it was rated as one of the better free anti-virus programs. Did a mediocre job on my machine at best. Once you disappoint me, you have to regain my trust. Much safer now.
That being said, I just wanted to say that while it is somewhat true that “Hackers often gain access to your websites by infecting your local machine first”, it is often from first visiting another infected site that your local machine usually becomes infected.
Then any site you visit after the infection has the potential for itself being infected.
Computer security is not a set it an forget it task. It is a constant never ending battle which requires persistence, vigilance, and diligence. WordPress has the capability to be secured very easily and should be.
Routine backups will make any site restoration go smoothly after the virus has been eradicated.
Lastly, anyone can get hacked. No one is immune. Keep your programs and OS updated always.
So sorry to hear that this happened to you, Stuart! But I’m glad your web host was quick on the money in getting things back to normal. I’m in the process of starting a blog, and learning all these things will definitely be helpful! Thanks for sharing.
I had all of my sites hacked also. I am still trying to recover them and have decided not to continue with some of them. It is a really awful experience to say the least.
So sorry this happened to such a nice person, but how great is this: you saw the opportunity and turned your mess into our prevention. What a generous guy! So now you’d better create an information prouct for yourself on hacker busting.
Hi Stuart,
The same thing happened to me about three months ago, all of a sudden I’m getting strange things on my websites and the admin password and email is changed so i’m locked out. I must admit I did panic a bit 🙁 The lesson I learned is not to ignore the emails I get from wordpress telling me that a new version has been released. As it turns out most of the new versions seem to have a security element to them of some sort.
I’m actually off to update my sites again as I had another wordpress email the other day.
The hackers I had seemed to have basically invaded the site, planted their page and went off to brag about it on a bunch of hacker sites. I havn’t seen any problems since I had it fixed so hopefully thats an end of it
Good Luck
Jim
It sucks when it happens to you. Nice to hear no major damage done, this can be a devastating thing.