My website was hacked!
If your website was hacked, it means someone gained access to your website's files and did something nefarious, like inserting malicious code (known as "malware") into them.
You can fix the issues in many ways, but we're going to cover the most basic.
Change your passwords
If your site was hacked, immediately change all of your passwords. To ensure your site doesn't get hacked again, you should use a strong password.
Note: To make sure you use the right instructions, find out what type of hosting account you have.
|Hosting type||Password resets|
|cPanel||Primary FTP, secondary FTP, databases, apps like WordPress|
|Plesk||Primary FTP, secondary FTP, databases, apps like WordPress|
|Web & Classic||Primary FTP, secondary FTP, MySQL databases, MS SQL databases, apps like WordPress|
Restore your site from a backup
One of the easiest ways to resolve the issue is to restore your site to a previous version using a backup.
If you have a backup, use one of these articles:
Remove the malware
Unless the hack was a simple defacement, it's almost impossible to remove all traces of a hack by hand. To ensure everything is cleaned, we recommend using an application like Website Security. Website Security scans your website to find and remove any compromises in your files.
Identify & fix the weakness
To stop further hacks in the future, you should figure out if your site was hacked because of a weak password or a structural issue.
Most hacks happen because an attacker guessed your account's password. Making your password stronger can usually protect you from these attacks in the future.
Structural issues mean that the way your site is constructed leaves it vulnerable to hacks. These are hard to identify for anyone but seasoned web developers. However, many pieces of security software can help analyze your site for structural issues. Again, we recommend Website Security. It can identify many different structural issues, as well as help you fix them.