Title | Things to Do After Your Site is Hacked |
Permission | rw-r--r-- |
Author | Unknown |
Date and Time | 22:22 |
Category | wiki |
Share |
1. Contact your hosting
Contact your hosting provider if you notice that your site is hacked. Contact your hosting as soon as possible and ask them to investigate the attack.
2. Change all of your passwords
You should also change all your passwords (FTP/SFTP accounts, MySQL accounts and even your Root password) immediately. Passwords should be long, difficult to guess, so it will be a
3. Back Up your databases
Start backing up your MySQL database. In order to back up your MySQL databases, you can simply use PHPMyAdmin in your cPanel (Database < 10MB). For larger databases, you can backup via SSH (if available in your webhost)
4. Back up your site content
Back up your web contents as soon as possible. For backing up other server/site content, you can use tools like Cobian Backup (http://www.cobiansoft.com) or CyberDuck (http://cyberduck.ch). Don’t worry about malicious code being included in your backup, you can later clean it out.
5. Check the logs
Look through your logs in your webhosting account in order to see whether someone has logged into your webhosting account. Also, check your site files for any changes or modifications that occur without your permission.
6. Clean up the Malicious Files
In order to destroy themalicious files, Scan through all corrupted files and server directories. You should also destroy old or unused code. Set the permissions to 755 and 644 for all directory files in your server.
7. Update your Software
If you are use CMS, update your CMS with the latest version. Then the final step is import your cleaned up site content and SQL databases to the server.