Back
  |  Home
Full SiteCommunity
  1. Help
  2. Linux Hosting (cPanel)
  1. Help
  2. Windows Hosting (Plesk)
  1. Help
  2. Web & Classic Hosting
  1. Help
  2. Website Security and Backups

Help Center

My website was hacked. What should I do?

First off, if your site was hacked, you have our sympathy. It's really frustrating - not only because it's troublesome to your visitors, but it's really difficult to completely remove the hack.

There are many ways to resolve the issue, but we're going to cover the fastest and easiest way to fix your website.

Are you sure it's hacked?

Unless your website has obviously been defaced, go to http://www.google.com/safebrowsing/diagnostic?site=your domain name — if your website has been hacked, it should show a warning here.

If this doesn't show an error, it's possible your website has still been compromised, but it's less likely.

Change your passwords

If your site's been hacked, you need to immediately change all of your passwords. We recommend using strong passwords.

Note: To make sure you use the right instructions, find out what type of hosting account you have.

Hosting type Password resets
cPanel Primary FTP, secondary FTP, databases, apps like WordPress
Plesk Primary FTP, secondary FTP, databases, apps like WordPress
Web & Classic Primary FTP, secondary FTP, MySQL databases, MS SQL databases, apps like WordPress

Restore from backup

If you have a backup of your website (and database) that you know wasn't corrupted, you should re-upload it to your hosting account.

Remove the hack

It's nearly impossible for anyone to reliably remove malware from a website by hand. To remove the compromise from your files, we recommend using an application like Express Malware Removal. Using its automatic malware scan technology, it will not only find any compromises in your files, it also removes them.

Identify & fix the weakness

To prevent your site from getting hacked again, you should identify how your site was compromised. There are two types of weaknesses: passwords and structural problems.

Passwords

Most hacks happen because the attacker was able to guess your account's password by brute force. By simply changing your password (and using a stronger one this time), you can prevent these attacks from succeeding in the future.

Structural

These types of weaknesses require thorough testing to identify. There's a lot of security software that can perform these types of scans but, again, we recommend Express Malware Scanner. It can identify a number of different issues, as well as help you fix them.

Related Articles

Why Should I Not Use FTP to Upload My Web Site if I am Using FrontPage?
What is a website backup?
How should I send email from my IIS 7 Windows shared hosting Web site?
What is Website Security Express?
What is Website Security?