So your website got hacked. Now what?

If there’s one thing that anybody would dread, it is seeing their company website get hacked. But today, websites around the world get hacked on a daily basis. Hopefully, you’re not one of those unlucky souls who has to go through this horror. But either way, what do you do if your website gets hacked? Here’s what you need to know.

Your website can get hacked in many ways

WordPress exploits

WordPress is one of the most popular Content Management Systems in the world right now. It is estimated that there are more than X million WordPress users around the globe. Hence WordPress is a constant target for hackers. One reason is that WordPress presents a variety of potential vulnerabilities.

Themes

Every WordPress website utilizes website themes. There are many free themes available for use and premium ones for purchase. But often when unregistered website themes are used, the website becomes immediately vulnerable. This is because unauthorized themes won’t have access to security updates from the developers.

Plugins

Plugins are also a popular element with WordPress users. This is because plugins enable convenient functionality. But plugins need to be updated on a regular basis by the developers. Often outdated plugins mean unpatched vulnerabilities. This, in turn, presents the perfect opportunity for attackers to compromise websites.

WordPress vulnerabilities

Of course, it’s not just themes and plugins. WordPress itself can present vulnerabilities. If left unattended, these can also result in security loopholes.

SQL Injection

Structured Query Language (SQL) vulnerabilities are one of the most common ways hackers get through to websites. This usually happens when SQL queries aren’t protected whenever data is retrieved from the website’s database.

Phishing

This is where users are tricked into entering login information on what appears to be a legitimate website. In reality, it’s a fake website used by attackers to obtain sensitive information. This information can be used to gain access and compromise the website.

Compromised passwords

This is exactly what it sounds like. One of the most basic, yet vital security measures for our digital activities is setting strong passwords for our systems. But this is often overlooked by most people today. After all, simpler passwords are easier to remember. Nevertheless, simplicity comes at the cost of your website’s security.

Hacked? What you need to do

Okay, so what exactly do you do when your website is hacked? Well, first off, it’s important to take a deep breath and not panic.

Damage control

Before getting into the hack, you would need to quarantine the website. The first step is to take the website offline and ideally set up an “under maintenance” static webpage. It would also be wise to reach out to the hosting provider. The attack may have affected the hosting provider as well, and the provider can probably offer a better understanding of the attack’s scope.

Scan for vulnerabilities

Get your web team to scan the system and find the loopholes immediately. Vulnerability scanners and antivirus scanners are your friends here. Once found, patch the vulnerabilities immediately. Ideally, get the security team onboard (if you have one) and get them to do the job as security teams may be more thorough with the process.

The administrator’s systems are a good place to start. There’s every chance that attackers may have installed spyware, trojan horses or other malicious programs on the admin system. Here, antivirus scanners would help identify if the system has fallen victim. It would be prudent to run multiple scanners as antivirus scanners may sometimes report false positives. Additionally, it also makes sense to scan the webserver along with any device used to post updates on the site.

It would also be wise to check for weak passwords. A thorough look through the server logs may reveal suspicious activity, for example multiple login attempts against the administrator account.
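The log check described above, as an added example that is not part of the original article: it counts failed login POSTs per client IP and notes whether a login later succeeded from the same address. It assumes the Apache/nginx combined log format, the WordPress login path `/wp-login.php`, and that a 302 response to a login POST means success while any other status is a failed attempt; the function names, threshold and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Leading fields of the Apache/nginx "combined" format (assumed log format).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def _line(ip, method, path, status):
    # Builds one constructed log line; not real traffic.
    return (f'{ip} - - [12/Mar/2024:03:14:01 +0000] '
            f'"{method} {path} HTTP/1.1" {status} 512 "-" "-"')

# Constructed sample: one noisy client, one user who mistyped once, one page view.
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", "POST", "/wp-login.php", 200)] * 6
    + [_line("203.0.113.7", "POST", "/wp-login.php", 302),
       _line("198.51.100.20", "POST", "/wp-login.php", 200),
       _line("198.51.100.20", "POST", "/wp-login.php", 302),
       _line("192.0.2.44", "GET", "/wp-login.php", 200)]
)

def scan_login_attempts(log_text, login_path="/wp-login.php", threshold=5):
    """Return per-IP stats for clients with at least `threshold` failed logins."""
    stats = defaultdict(lambda: {"failed": 0, "succeeded_after_failures": False})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue  # unparsable line, or a plain view of the login form
        if m["path"].split("?", 1)[0] != login_path:
            continue
        entry = stats[m["ip"]]
        if m["status"] == "302":
            # Assumption: a redirect after the POST means the login succeeded.
            if entry["failed"] >= threshold:
                entry["succeeded_after_failures"] = True
        else:
            entry["failed"] += 1
    return {ip: s for ip, s in stats.items() if s["failed"] >= threshold}

if __name__ == "__main__":
    for ip, s in scan_login_attempts(SAMPLE_LOG).items():
        print(ip, s)
```

An address that appears with `succeeded_after_failures` set is the one to prioritise: the password for whatever account it reached should be treated as compromised.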

As pointed out earlier, outdated software is another possible loophole. Systems like WordPress are straightforward in terms of keeping themes, plugins and other software components updated. But other systems may need a bit of research.

Attackers also target permissive coding practices that allow open redirects and SQL injection. If the current implementation includes these, they need to be patched. This can take the form of signed redirects, or parameterized SQL queries in the case of SQL injection.
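Both fixes named above, as an added example that is not part of the original article: a redirect target is honoured only if it carries an HMAC tag the server itself produced, and a lookup is shown with string concatenation (the “before”) beside its parameterized form. The key, table, function names and the in-memory SQLite database are constructed for the demo.

```python
import hashlib
import hmac
import sqlite3

# Hypothetical demo key; a real deployment loads this from secret storage.
REDIRECT_KEY = b"constructed-demo-key"

def sign_redirect(url):
    """HMAC-SHA256 tag the server attaches to redirect links it generates."""
    return hmac.new(REDIRECT_KEY, url.encode(), hashlib.sha256).hexdigest()

def safe_redirect_target(url, sig, fallback="/"):
    """Return url only if sig matches the server's own tag, else the fallback."""
    expected = sign_redirect(url).encode()
    if hmac.compare_digest(expected, sig.encode()):  # constant-time comparison
        return url
    return fallback

def demo_db():
    # Constructed in-memory table standing in for the site's user table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO users (name) VALUES (?)", [("alice",), ("bob",)])
    return db

def find_user_unsafe(db, name):
    # Before: the input becomes part of the SQL text and can change the query.
    sql = f"SELECT id, name FROM users WHERE name = '{name}'"
    return db.execute(sql).fetchall()

def find_user(db, name):
    # After: the ? placeholder binds the input as data, never as SQL.
    return db.execute(
        "SELECT id, name FROM users WHERE name = ?", (name,)
    ).fetchall()

if __name__ == "__main__":
    db = demo_db()
    crafted = "nobody' OR '1'='1"  # constructed input containing a quote
    print("unsafe:", find_user_unsafe(db, crafted))  # matches every row
    print("bound: ", find_user(db, crafted))         # matches nothing
    tag = sign_redirect("/account/orders")
    print(safe_redirect_target("/account/orders", tag))
    print(safe_redirect_target("https://other.example/", tag))
```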

Cleaning the website

Once the vulnerabilities are identified, next comes the cleaning up process. Attackers may leave newly created URLs on the website. If the website is connected to Google Search Console, this can be identified through its dashboard.

Following this comes the server cleanup. Here, the latest backup that was taken before the hack is restored. Once restored, any available upgrades/updates are installed. Afterward, change all relevant passwords. Furthermore, removing any unnecessary software such as plugins or widgets would enable better security and effective maintenance.

The servers themselves should be cleaned. Ideally, a clean installation should be performed. Once the installation is complete, the content should be copied from the clean backup. Take care to maintain appropriate file permissions and not to overwrite the freshly installed system files.

Finally, double-check the entire process before concluding.

Managing website security

There is no magic pill that will solve all your website security woes in an instant. As you would expect by now, security is an ongoing process. It needs to be looked at on a continuous basis. However, there are relatively basic things that can be done to enhance a website’s security significantly. Integrating these into a long-term plan would enable a far more efficient website security mechanism.

First and foremost, take regular backups. Having backups of your website adds a safety net for your website security. In a situation where your website is compromised, backups would prove to be vital in restoring your online operations.

The next step is to establish proper access level controls for everyone accessing the website. Not everybody needs to have administrative privileges. Secondly, putting multi-factor authentication in place would offer an extra layer of protection.

Another way of managing website security is to register the website with search engine tools like Google Webmaster Tools. This would allow users to utilize Google’s infrastructure to monitor the website’s health.

Too much work? Here’s an alternative

Of course, this isn’t everything when it comes to website security. We hope this helps you in managing your website security. After all, managing website security should be a top priority for every entity in today’s environment. But then again, there may be times where this task seems daunting or even time-consuming. Whatever the reason, there’s an alternative way of dealing with the matter. Maintenance of website security could be delegated to a third party that specializes in security. The main benefit here is that a dedicated security team will oversee the security matters, leaving you to focus on the more essential business matters. Additionally, having a more knowledgeable team on board would make overall security more thorough as well.

There are many companies available today that deal with these types of situations on a regular basis. C-YBER is one of them. So, in case you’re keen on dealing with your website’s security and want to make sure a pro handles it for you, then feel free to give us a buzz.