5 Critical Steps To Take When a Business Website Gets Hacked

Author: Hanna Frenk

@

Today, hacking has become something that usually happens every day and affects anyone without knowing in advance.

If you own an eCommerce website, and that site is hacked, more chance that your customer's data has been leaked and consequently their loyalty towards your business. Nobody enjoys waking up in the morning to know that their information has been collected by someone else and is being used for any false thing.

Why my website got attacked?

A lot of websites get hacked simply because they are weak. Usually, hackers use some automatic process to parse the internet and identify clear vulnerabilities in each site where their program visits. These programs function like a google bot, where they visit your website to gather information about what you do and what the website is about, this program similarly does things but with the wrong objective.

Once these programs spot a vulnerability in your website, they just continue to exploit. That means they add viruses to your site, so your visitors get infected, or accumulate all the database information and trade it for a profit, or even wipe your entire database. The main concern here is that if you are prone to get hacked, they can do anything with your website.

So, what should I do?

It is a big deal to un-hack a hacked website and can be somewhat complicated to clean it up. But in this case, there are some crucial steps that your website support team must take.

Be Patient: Rather panicking, prefer to stay patient and calm.

Call the support team: If you don’t have the right technical expert staff, just call the support team. This team will be a team to the perfection with both great technical expertise and familiarity with your website and the configuration. The team includes the web developers and the hosting provider. Web designers without the technical background may take a long time to evaluate the issue and fix it. Experienced web developers should possess the essential skills to determine and fix the hack. A lot of hosting providers do not do the exact cleaning work of your business website. But they may have other clients who would be facing the same issue.

Gather all the information for your support team:

Web logs - Ensure that the hosting company provides the weblogs. Both access logs and error logs will be imperatively required.

  • Access credentials of FTP / sFTP- these credentials include the hostname, username, & password

  • Backups - Backups to keep the data safe, in any critical situation that may arise.

  • CMS Login - the administrative / super admin rights of the website content management system

  • Hosting Login -login credential of hosting control panel for accessing the database and weblogs

  • Collect all the crucial information that your support and developer team will need for fixing the website hacking.

Temporarily Offline Your Website: It is recommended to tentatively shut down your business website while it is being evaluated and fixed. The hosting control panel should have the ability to turn off your site temporarily. Or you can even password protect the main directory where your website stays to block visitors from visiting it while the team fix it.

Scan for viruses and malware in local computers: To ensure that the local computer(s) are not infected with malware, viruses, trojan, etc., scan the local computer at the earliest. Also, the anti-virus that you use to scan the computer must be up-to-date.