What to Do in the Event Your Website is Hacked

Share This Post

If you’re reading this, there’s a chance you’re having a pretty bad day. Each and every day hackers around the world breach the websites of business owners just like yourself. First off, don’t feel bad or be mad at yourself. Chances are, there is going to be a lesson or two to glean from this experience, but hacks and data breaches happen to even the best of us. So take a deep breath, give this article a quick read, and move forward step by step.


What to Do First

  • First thing, contact your server host – You should be able to get some details about the attack, including how the breach occurred, and your web host should be able to provide you with tools to remove the injected malware or other malicious software, as well as provide you with support to accomplish this goal and get your site back up and running as quickly as possible.
  • Lock down your admin accounts – Immediately change your password, including your email password, and advise all of your site admin to do the same. Many hacks are due to “brute force” attacks and ensuring that you have a “strong” password can help prevent these types of attacks in the future.
  • Update your WordPress or other CMS (Content Management System) and any and all plugins to their respective latest versions – Updates address bugs and known issues so if it’s available, you may want to turn on “Automatic Updates.”
  • Login to Google Webmaster Tools – Check for any site warnings from Google that need your attention.


If you have site and data backups, you’re in luck. After completing the above, a simple reinstall should have your website back up and running quickly and quite effortlessly. While this is pretty straightforward in most cases, there are times where you may run into issues and of course it is at those times you’re going to want experienced technical support.

If you do not have data backups, things are going to be a little more complicated. While there are some ways in which your data may be able to be retrieved or recreated, it can be both costly and time-consuming. While there are many choices when it comes to secure WordPress hosting, selecting one that doesn’t provide data backups can be costly.


Time to Re-Evaluate

When it’s all said and done, one of the biggest things to consider is whether or not you want to continue with your current hosting provider. You may want to investigate to determine whether or not they provide regular malware scans, updates for plugins and CMS interfaces, and of course those all-important backups. While preferably they will indeed provide backups, and offsite backups at that, now is definitely the time to consider a move if none is provided.

Your downtime is not only costly in a monetary sense, but it can also cost you potential longterm customers and your reputation. Ensuring that your site and your customer’s data and personal information, especially financial information, is located on secure servers is the responsibility of all successful business owners.

Real-time uptime monitoring can also be critically important in today’s business world. An alert from monitoring can be an early indicator of a breach or other issues and if your customers are unable to reach your website, especially for an extended period of time, chances are good that they will turn elsewhere. If your WordPress hosting provider isn’t offering this as a standard feature, you should again consider making a move.


Prepare For the Future

It doesn’t matter if you’ve had your website for 6 years, 6 days, or you plan to launch 6 weeks from now, if you think your website won’t be subject to hacks or breaches, you’re only fooling yourself. In their never-ending quest for customer data, hackers target as many sites as they can on a daily basis. The more information they can compromise, the closer they are to stealing identities or outright robbing your customers of their hard earned money.

Partnering with All Things WordPress ensures that your company website is located on secure servers and that it is monitored with real-time uptime monitoring. Not only that, we provide 90-days off-site backups and daily malware scans along with automatic updates for both WordPress core as well as your plugins.

If things get really dicey, or you just have questions, we offer expert WordPress support and have the tools and resources on hand to accomplish whatever job you may need done. If your WordPress site has already been subject to an attack or you’re nervous about your “free” web host, you should contact us today to find out how easy it is to make the move to the secure option.

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore