My site got hacked!

My site was hacked! What do I do now? Below is a collection of links that will help you to find, clean and validate your files and web coding. For general site security, you may want to review the following sites:

 

http://www.google.com/webmasters/

http://googleonlinesecurity.blogspot.com/2011/05/website-security-for-webmasters.html

http://phpsec.org/projects/guide/

http://www.sitelock.com

http://w3schools.com/site/site_validate.asp

http://www.tech-faq.com/how-to-find-security-vulnerabilities-in-source-code.html

http://www.fortify.com/landing/extra/ppc_source_code.html

http://sectools.org/ http://en.wikipedia.org/wiki/Code_injection

 

A company named SiteLock helps with protecting sites, and cleaning them after they have been hacked. You can learn more about them by going to their website here.

What if my site listed by Google as malware? http://www.google.com/support/forum/p/Webmasters/label?lid=2fe2a8ee8e37c08e&hl=en

A few things to note: First the only way to be sure that your site is completely clean is to download your content, and completely remove ALL content from the server, and only re upload clean copies of software and web files. If you are using a scripted program such as WordPress, Joomla, ZenCart etc. this means deleting the entire installation, and performing a new install of the software you are using on the server. Downloading a clean and new copy of your theme, and plug ins from the original sources and re upload and install them.

Why is this important? Because some files are required such as your index page. If these pages have had any extra code injected to them then the site will still be hacked and compromised. To resolve this you will need to validate your pages and image files to ensure that they are virus free.

About backups: You may be thinking, but I have a backup! It is important to note that a backup may or may not fix the issue. If the Site was already hacked before the backup was created, then you will only be replacing hacked content with more hacked content. Why is that important? Because if your site has been hacked and they uploaded any files those files would not be removed making your site still vulnerable to being re attacked. Its like locking the door of your house but leaving the windows open when you go out. The door is secure but there are other ways in.

Unfortunately I do not provide support for web content, scripting or coding. As a result I will not be able to assist you in cleaning your files. Please dont ask. I wish you the best of luck in reviewing and securing your site.

 

© 2012 The-Tribunal ©   Entries (RSS) | Comments (RSS).   Theme by johndturner.com