Is Your Website Hacked? Here’s How to Find Out, clean and prevent

July 27, 2015

How to secure your site from hackers

Is Your Website Hacked? Here’s How to Find Out, clean and preventTweet This

Are you seeing weird messages on your home page? Filled with junk messages related to casinos or health pills?

You know your website is hacked when your homepage looks different or has an explicit message that your website is hacked.

And that’s not it..  You can’t even login to your site.

Unfortunately, today’s website hacking isn’t very obvious.

Most hacks today are done on the inside of your site and you’ll never know what hit you until one of your visitor complains about your site.

Some website hacks doesn’t target your site, but gets to your visitors instead.

The hack will infect your website with a virus and spread the infection to others and probably to other servers as well. This could be very detrimental to your site and could affect its reputation.

This Infographic should help you with details

infographics-how-to-prevent website hacks

Share this Image On Your Site

Here’s the full article:

Popular Ways Hackers Hack Your Website

It doesn’t matter if the website comes from a small blogger or a Fortune 500 company, or even a government or a security agency. Because if these hackers want to, they can get to it no matter what.

Hacking a website is not all about accessing your login information either. Hackers have gone wiser in every hack and have found numerous ways to get into your system.

Here are the ways in which a website gets hacked:

  • SQL Injection

    sql-injectionSQL Injection involves entering a SQL code into web forms and login fields, or into the browser to access and manipulate the database in your website, system, or application. All the entered data and sites that require access has its own SQL database. This is where all login information is stored. A simple SQL code entered in web forms are just all that a hacker needs to gain access to your system or even steal you and your customer’s email address and personal information.

  • ClickJacking

    ClickJackingClickJacking or UI Redress Attack is a form of hack where the hacker uses multiple opaque layers to trick the user into clicking it without them knowing. This hack is usually intended for a page that the hacker to want you to be in and not for attacking your page.

    For example, the hacker can design a website similar to a banking website and have it placed in the bank’s website. This lead users to believe that they are entering their login details to a real banking website where in fact it is actually a Clickjacking layer beneath the real website of the bank.

  • Remote Code Execution Attacks

    remote-codeRemote Code Execution Attacks are basically a result of the server side or client side weakness. It is a security vulnerability where the attacker can execute code from the remote server.

    There are vulnerable components that a hacker can gain access through executing a code remotely. These can be libraries, or remote directories in as a server that hasn’t been monitored or software modules that run on the basis of authenticated access. These components can be attacked through scripts, malware, and small command lines.


How to Find Out if Your Site Has Been Hacked

  • Check your files

    check-files If you aren’t familiar with the code of the site and your files, now is the time to study and be familiar with it as soon as possible. The first time in identifying if you got hacked is to check the site files for code problems. Most hackers attack these files on your website:


    .php files

    media files

  • Use security tools

    security-toolsA quick scan with these security tools is extremely useful if you aren’t comfortable checking for it manually. The internet has plenty of security tools and website plugins to check if your site has been hacked. Some of the best ones are:

    • Better WP Security

      itheme-securityBetter WP Security can help you determine if your wordpres blog has been hacked by looking for the changes of the files on your site. It looks for removed, added or modified files in your site and report it to you via email. WordPress hacks are usually done by injecting a code into WordPress files and Better WP Security can detect for these issues.

    • Sucuri SiteCheck

      This is an online service that scans and identifies the problems with your site. The service scans your database of known problems to determine if the site has been hacked. It looks for spams, viruses, and other items to ensure that your website is safe. Securi’s free service is for manual scans only, but if you would like to have periodic checks on your site subscribe to an annual plan at $89.99 per year.  Get Sucuri

    • Google Webmaster Tools

      googlw-wmtoolGoogle Webmaster Tools not only helps in managing your site, but also checks for its overall health. If you haven’t integrated Google Webmaster Tools in your site, now is the time to do so. Once it is all set up, go to Malware and check if any malware exists on your site.


How to Clean a Hacked Site

If the tools above show that it has been hacked and/or contains viruses and malware, here’s what you can do:


  • Backup for rescue:

    The best way to clean a hacked site is to revert to the last working backup of your site that has never been infected. Remember to always make a full backup of your site or else you’ll be stuck at square one when something like this happens.

  • Clean up affected files

    Suspicious code in your site can be cleaned by downloading the affected files using your FTP application. Then, make the necessary deletions and modifications and re-upload it. In this way, the infected files are replaced with clean ones. Scan again to check if there are still infected files. If there are none, proceed to the next step.

  • Change Passwords:

    Change all your passwords including your user and admin passwords. Don’t forget to change the password of your FTP, SSH accounts and your hosting account control panel.

  • Check for Cron Jobs

    . Some malware will install a scheduler in your server by adding a task to your Cron Job or similar scheduler. These can reinfect your cleaned system and unless you get rid of that cron job, you won’t be able to remove the hack or malware.

How to Prevent the Hack From Happening

If your site is clean, take the necessary actions to protect it right away. Here’s what you can do.

  • Constantly Monitor Your Site

    Monitor- SiteUsing security tools such as Google Webmaster Tools and Sucuri Site Check to monitor your website health. It’s always better to pay the services if need be as fixing the problem is more expensive than fixing it.


    Check your website for unusual traffic patterns or suspicious behavior. If you see a sudden spike in traffic from unexpected places, your old content is suddenly spiked with traffic, or anything that cannot be explained as a normal activity in your site these tools will be able to warn you about it and prevent it from happening in the future.

  • Use the Best Security Practices

    Use-Security-PracticesA website hack is usually done by accessing your password either by getting it to you or through brute force methods. Use a strong password and ensure to change it regularly. Use uncommon passwords and words that are completely unrelated to you for better security. Keep administrator accounts to a minimum and remove any unnecessary content from your site.


    Protect your files and database with a strong password as well. Keep your security settings to the highest possible level while still allowing your visitors to fully enjoy your site.


    If you are using CMS like Shopify and WordPress, be sure to use only the themes and plugins from reputable sites. Remove any unused themes or plugins as it may be vulnerable and could be the reason your site will get hacked.



If your website gets hacked, don’t panic.

Sure, it can cause you a lot of headaches but once you’ve found a way to fix the problem, it will be easier to prevent a hack from happening in the future. Take the time and effort necessary to monitor your site – scan and check for vulnerabilities, then clean it as soon as you can.

Ensure that you do regular backups to your site as getting rid of it is as simple as reverting back to the last known working backup that is free suspicious codes.

Lastly, use a secure password. Hackers can’t get to your site if you have a secure password that even brute force attacks could take thousands of years to crack it.

Get Sucuri , a comprehensive website security system. If you are serious about website security, then Sucuri would give you peace of mind. It can clean infected sites as well as protect your site from future attacks. They even have a wordpress plugin, in case you have a wordpress blog.

Is Your Website Hacked? Here’s How to Find Out, clean and preventTweet This