Got Hacked? Google Outlines 8 Steps to Help Recover Your Site [VIDEO]
If you own a website and see any of the following warnings…
Unfortunately, your site has probably been hacked!
Cybercriminals constantly attack thousands of websites each day. These hacks are often times invisible to users, but can become extremely dangerous to potentially anyone viewing the site including the owner. Hackers can infect sites with harmful code that can do a number of malicious activities like record keystrokes to steal login credentials for online banking and financial transactions.
So what do you do if your site has been hacked?
Well, fortunately for you, Google has launched a special page initiative and series of tutorials to help guide webmasters through a hack. The Webmasters help for hacked sites outlines the following 8 steps to take along the path to recovery:
Step 1: Watch the overview
In the first series of Help for hacked sites: Overview, Google explains how and why sites are hacked, and the process to go through to recover a site and remove the user-facing warning label. Hackers find ways into sites by exploiting small vulnerabilities in the design. Once they’ve entered a site and can gain admin control, they can easily insert spammy text or other malicious code. Some of the more common ways hackers exploit sites is through older and out-of-date software and by stealing login credentials. Depending on your knowledge of web design and programming, Google suggests you either do it yourself (if experienced enough) or look to get help from web security specialists (which the video series can help you determine).
Step 2: Contact your hoster and build a support team
In the event of a hack, contact your hosting provider and let them know of the compromise to allow you to gain control back over your server. Depending on your technical acumen, you may need to enlist the help of a security specialist to help you recover your site. Some great resources for hacked websites can be found in Google’s Webmaster tools and at StopBadware.org
Step 3: Quarantine your site
Next you’ll want to prevent cybercriminals from causing any further damage to your site and/or audience. Take your site offline as soon as possible to try and complete some important admin tasks with less interference from the hacker. Then perform a thorough user check to see if any new accounts were created or compromised. Finally change the passwords for all site users.
Step 4: Touch base with Webmaster Tools
Make sure to verify ownership of your site with Google Webmaster Tools to read any potential critical messages from Google to help you in the next step of the recovery process. It’s best you do this now before your site gets hacked really. Once verified though, check to see the hacker didn’t make unwanted changes in your webmaster settings. Ultimately Google’s message should help you determine whether your site has been hacked with spam or malware.
Step 5: Assess the Damage: Have you been hacked with spam, malware or both?
Once you determined the extent of the damage, make a list of all the affected files and try and determine what the intent of the hacker was. Google has two detailed courses of action to take in the instances of spam and malware attacks.
Spam attacks
Malware attacks
Step 6: Identify the vulnerability
What was the root cause of the vulnerability that allowed the hacker into your site? The problem is this isn’t an easy question to answer, as there could be multiple subtle flaws in your site that could be exploited. Google covers a few potential vulnerabilities to investigate which include virus-infected administrator systems, weak or reused passwords, out-of-date software and permissive coding practices like open redirects and SQL injections.
Step 7: Clean and maintain your site
Now you want to restore the good content, eliminate any infected files, patch the vulnerabilty and make a better plan to maintain the security of your site. Consider expediting the removal of any new URLs created by the hacker or phishing pages. Clean up your servers and restore your backup files. Eliminate any unnecessary software and double-check that the cleanup process has been thoroughly completed. Once this has all been taken care of, you are ready to bring your site back online!
Step 8: Request a review
The final step is to request a review with Google to remove the flag warning users headed to your site. Follow the appropriate steps given the type of hack recovered from:
Report Incorrect Phishing Warning
Malware
Spam
So have you ever been hacked? Did you find these new tutorial videos by Google to be useful?
