What to Do If Your Website Has Been Hacked

Discovering your website has been hacked can be stressful, but acting quickly can help minimise the damage. This guide outlines the steps you should take to secure your site and get it back to normal.

Signs Your Website May Have Been Hacked

  • Your website is redirecting visitors to an unfamiliar site
  • You see content or pages you didn't create
  • Google is showing a security warning for your site
  • You're unable to log in to your admin dashboard
  • Your email accounts are sending spam you didn't write
  • New admin users have appeared in your CMS
  • Your website is loading unusually slowly or not at all
  • Your hosting account is using an unexpected amount of resources

Steps to Take

  1. Don't panic — Most hacked websites can be recovered, especially if you have recent backups
  2. Change all passwords immediately — Update the passwords for your Zeniar Portal, Plesk, CMS admin, FTP accounts, email accounts, and database users
  3. Run a malware scan — Use ImunifyAV in Plesk to scan your website for malicious files and code
  4. Restore from a clean backup — If you have a recent backup from before the hack, restore it using the WP Toolkit or Plesk backup tools
  5. Update all software — Make sure your CMS, plugins, themes, and PHP version are all fully up to date
  6. Remove unused plugins and themes — Delete anything you're not actively using
  7. Apply security measures — Use the WP Toolkit's Fix Vulnerabilities feature to apply recommended security hardening
  8. Check for unknown users — Review your CMS admin accounts and remove any you don't recognise
  9. Review file permissions — Make sure file and folder permissions are set correctly and not overly permissive
  10. Submit your site for review — If Google has flagged your site with a security warning, request a review through Google Search Console once your site is clean
  11. Contact Zeniar support — If you need help, reach out to our team at [email protected] and we'll assist you in getting your site back online
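
For step 9, one way to list the files and folders that are more permissive than they should be is the shell function below. It is an added example, not a Zeniar or Plesk tool; the baseline of 644 for files and 755 for folders is an assumption, and the web root path is whatever you pass in.

```shell
#!/bin/sh
# Added example: list files and folders under a web root that exceed a
# permission baseline. Assumed baseline: 644 for files, 755 for folders.

# audit_perms DIR
# Prints one "LABEL path" line per finding.
# Returns 0 if nothing was found, 1 if there were findings, 2 on bad input.
audit_perms() {
    root=$1
    if [ ! -d "$root" ]; then
        echo "audit_perms: not a directory: $root" >&2
        return 2
    fi
    findings=$(
        # Writable by every account on the server (e.g. 666 or 777).
        find "$root" \( -type f -o -type d \) -perm -0002 -print |
            sed 's/^/WORLD-WRITABLE /'
        # Writable by the group but not by everyone (e.g. 664 or 775).
        find "$root" \( -type f -o -type d \) -perm -0020 ! -perm -0002 -print |
            sed 's/^/GROUP-WRITABLE /'
        # Regular files with any execute bit set (e.g. 755 on a .php file).
        find "$root" -type f \( -perm -0100 -o -perm -0010 -o -perm -0001 \) -print |
            sed 's/^/EXECUTABLE-FILE /'
    )
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Run as a script: sh audit_perms.sh /path/to/webroot
if [ "$#" -gt 0 ]; then
    audit_perms "$1"
fi
```

Review each reported path before changing it, since some hosting setups rely on group-writable folders.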

Preventing Future Attacks

  • Enable two-factor authentication on all accounts
  • Keep all software up to date at all times
  • Back up your website regularly
  • Use strong, unique passwords and a password manager
  • Only install plugins and themes from trusted sources
  • Run regular malware scans with ImunifyAV