Goins, Writer

On Writing, Ideas, and Making a Difference

What to Do If Your Website Ever Gets Hacked


Last weekend, my blog was hacked. Within a few hours, everything was back to normal. But it was scary. And I didn’t know what to do.

My guess is that some bloggers are as ignorant as I was of what to do. In fact, if I weren’t fortunate enough to get some help, I would’ve been doomed. So I thought I’d share what I did, along with tips for what to do if your blog ever gets hacked.

If your site gets hacked, you gotta lock it down! Photo credit: Flickr (Creative Commons)

Tell the world

As soon as my blog was down, I let people know via Twitter and Facebook (since people were already asking why I was sending them to a loans website). This accomplishes two goals:

  1. It sets reasonable expectations for readers, friends, and fans.
  2. It lets people know that you need help. (I’ve found that the Twitter community can be especially resourceful when it comes to technology issues.)

Contact your host

Not quite sure what to do, I first contacted my host. The folks at Site5 responded immediately (at 11pm) and removed the line of code that was injected into my site to redirect to a loans site.

They removed it, and everything was back to normal.

Or so it seemed.

I quickly realized that while my homepage was restored, all my files (i.e. posts and pages) were corrupted.

Undo the damage

A friend on Twitter offered to help fix the problem I was having (since I was tweeting the whole experience). I really cannot say enough good things about Mitch Canter (@studionashvegas). Seriously, if you have any WordPress/website/blog needs or desires, he’s your man.

Within 15 minutes, my site was back to normal. (Thanks, Mitch — you really saved my life, or at least, my blog.)

Readers: Follow Mitch, send him chocolate, and consider hiring him.

Change all your passwords

Next, I changed all three of my passwords for my blog: site admin (i.e. FTP login), WordPress login, and my “backstage” login to access my server.

I auto-generated a complicated password that I had to write down and save, so that I could remember it next time I log in to my FTP. I’m ashamed to admit that two of my passwords were the same and would have been pretty easy to guess.

Install a firewall

My friend Ryan (who once had 100 WordPress blogs crash in one day due to a hacker) recommended a WordPress firewall plugin.

This is a free program that protects your blog from attacks and injections (whatever those are). When someone tries to hack your site, it sends you an email to notify you.

Other takeaways

I learned a few takeaways from the experience:

  1. Back up all your files, so that if you do lose something, it can be easily restored. (If you’re on WordPress, check out my friend Adam’s tutorial for backing up your blog.)
  2. Save your drafts offline. I’m moving over all my posts to Evernote so that they’re saved in the cloud. In the terrible event that I might lose all my posts, I could then re-post them. I also now save a copy of post drafts on my computer in my “blog” folder.
  3. Be ready. Every blog that I follow and respect has been hacked at some point. Plan for disaster. It will happen.

Concluding thoughts

  • Having a good, customer-friendly host is essential.
  • Having a friendly, neighborhood geek you can call up is really important.
  • Having a great tribe and online presence in other social media outlets really helps. Within minutes of my site being down, people were notifying me. I am so grateful for the community this blog has created.


Has your blog or website ever been hacked? What did you do? Is your site ready for an attack? Share your thoughts and best practices in the comments section.


About Jeff Goins

I help people tell better stories and make a difference in the world. My family and I live outside of Nashville, TN. Follow me on Twitter, Facebook, or Google Plus. To get updates and free stuff, join my newsletter.


  • http://michaelhyatt.com Michael Hyatt

    Jeff, I have had this happen, too. We made numerous adjustments because of it. I would also suggest using VaultPress to back up your WordPress files every hour. It is expensive but a life-saver. It is made by Automattic, the same folks who make WordPress.

    I would also recommend 1Password for all your passwords. This way you don’t have to remember them. The software does. I generate 16-to-20-character, complicated passwords for everything. They are all different, but 1Password remembers them all.

    • http://goinswriter.com/ Jeff Goins

      Good tips, Mike. Thanks.

  • http://davidsantistevan.com David Santistevan

     A massive resource, Jeff. Thanks. This has not happened to me yet but I should probably take the necessary precautions.

    • http://goinswriter.com/ Jeff Goins

      Thanks, David. I would strongly recommend it. Not to sound all gloom and doom, but you should prepare for the worst.

  • Karen

    Wow! Thanks Jeff! I am saving this article in its very own folder. I, too, am guilty of poor password choices. All of that changes now. I really appreciate you sharing your story and the great resources you used to get out of a “pickle.”
    Thanks!

    • http://goinswriter.com/ Jeff Goins

       Thanks, Karen. I just kind of stumbled out of it — not very intentional. Without community, I would’ve been up a creek. I wrote this so that others could more intentionally prepare.

  • http://robrash.us Rob Rash

     Been there man. I had a business website that was hacked by some dude in the middle east. Not fun.

    I’m gonna have to get that WordPress Firewall plug in for my personal site… just to be on the safe side.

    Thanks for sharing Jeff!

    • http://goinswriter.com/ Jeff Goins

      No problem, Rob. Yeah, it’s free, so why not?

  • http://twitter.com/ethanwaldman Ethan Waldman

     Jeff- Thanks for the tips.  I’ve always wondered how common this is and what I can do to prevent it.  

    • http://goinswriter.com/ Jeff Goins

      You’re welcome, Ethan. More common than it should be. EVERY blogger whom I respect has been hacked.

  • http://www.thedailywalk.net Adam

    This has happened to me and it really stunk. It is so important to have those backups!

    What was the name of that firewall plugin?

  • Anonymous

    Thanks for the blog Jeff… I am going to read up on this and make sure it doesn’t happen to me… Good to connect… Geoff

    • http://goinswriter.com/ Jeff Goins

      Likewise, Geoff with a G. ;)

  • http://thoughtsaboutnothing.com @kylereed

    I have had clients’ blogs hacked and it sucks. It is never good to get that email or phone call.
    I am thankful for friends who helped me figure out what was going on because if I didn’t have them I would have been in some trouble.

    • http://goinswriter.com/ Jeff Goins

      Ditto! any other tips you’d recommend, Kyle?

      • http://thoughtsaboutnothing.com @kylereed

        from my experience it is watching yourself on open networks. That is where I have seen it happen the most. Anytime someone is on an open network like a coffee shop or something like that your stuff is accessible. Changing passwords often helps a ton 

        • http://goinswriter.com/ Jeff Goins

          interesting.

  • http://www.marianneworley.com Marianne Worley

    For a completely non-technical person like me, this post is critical. I just installed the firewall plugin. I’m just about to run a backup to my Iomega eGo drive too. Thanks Jeff.

    • http://goinswriter.com/ Jeff Goins

      very cool, marianne. i’m right with you.

  • Anonymous

    Excellent advice. I just realized that my backup plug-in isn’t working – WTH? Thanks for the reminder. Dumb question, though – if I change my WordPress password, are there any implications for working with plug-ins or other programs? I’ve changed site passwords for other sites before and there’s been a time-consuming ripple effect…

    • http://goinswriter.com/ Jeff Goins

      not that i know of.

  • http://www.tillhecomes.org Jeremy Myers

    Great tips. I’m glad things are back to normal now.

    • http://goinswriter.com/ Jeff Goins

      Me too.

  • Linnette Mullin

    Thanks for sharing, Jeff! :D

  • Bkantarjian

    I am saving this. Just this week I received email asking if I had requested a password change for my blog anhinga.wordpress.com. NO. Thank you so much for sharing.

    • http://goinswriter.com/ Jeff Goins

      You’re welcome!

  • http://www.seoweave.com/ Greg Fowler

    Great information, our site has been hacked, and destroyed our rankings in Google in one day because the hacker installed re-directs.  Restoring the site is pretty much the easy part, but getting the rankings back?  That is a whole different story.

    • SC

      How did you get the ranking back? Same has happened to me?
      iSmile.uk.com

  • http://www.facebook.com/people/Donna-Anderson/1154870899 Donna Anderson

    After I got done crying I did the same thing you did – I went right to my Twitter pals and started sharing my sorrow.  Within 15 minutes I had 3 programmers I’d never even met, helping me get my blog back up.   Such a wonderful community on Twitter!  I blogged about those guys and sent out Tweets about them for months afterward.  Forever in their debt!

    • http://goinswriter.com/ Jeff Goins

      Amen!

  • Saad

    I just got one of my client’s company website and blog got hacked. Guess what I did the first thing. I followed the link of facebook page, and requested the hacker that you have hacked my website. That is so brilliant of you now can you help me out get out of it please. Thanks and appreciated.

    He actually responded to wait 24 hours and he will let me know. I don’t know if he is going to delete the rest of the files too or is actually going to help :(

  • Guest

    I’ve been hacked :(  Thanks for this post Jeff, I have no idea what to do but have just contacted my host.  My hack is different to yours though – all sites on my network have been taken down and the login page to my host is “Unable to Connect”.  Worried.

  • http://www.lifeofasteward.com Loren Pinilis

    Well, I just joined the ranks of the initiated. I was hacked.
    It was a nightmare during the time, but now that I look back it really wasn’t that bad.
    One thing I did do, which you didn’t mention here, was to take down the site. In my case, it was giving visitors malware. So I figured this way it wouldn’t be flagged and wouldn’t infect anyone. (To bring down the site, I just went to the root directory and deleted index.php after backing it up.)
    And I will absolutely echo your sentiments about having a good network of techie friends. They saved my rear end in this case!

  • Davidvanorbeek

    This is an event I started on Facebook to spread the news about “the legal stealing” of my old site-name,… My site was hijacked 3 months ago,…

    Metal art sculptures – Vanorbeek David, Artdeev

    David versus Goliath.

    THIS IS A SYMBOLIC ACTION! YOU DON’T HAVE TO MOVE TO JOIN THIS EVENT / THE DATE IS NOT IMPORTANT!!!

    Hello,

    First of all my best wishes for the new year, that your life may be as you want it to be! A good health and lots of good creations!

    I start this event NOT because I want it so much, NOT because I have nothing else to do, I start this event to make sure you don’t have to write the same story in the future!

    My story started more than 10 years ago. As a young artist I asked a friend to build me a website about my work. My name is David (deev), I make sculptures (art), so artdeev.com was born. For more than 10 years I put love and work in this site so I felt like a proud father about this virtual creation. Pagerank 4 on Google, the first page to show up under ‘metal art sculptures’, +500 links pointing to it and many thousands of people who have visited it and have my business cards ever since. But sometimes happy stories come to an end,…when you don’t follow (or even forget to follow) the rules of Big Brother, untouchable and cold.

    Ten years ago my friend created my site at Yahoo. I thought it was a good idea to choose a well known company in which I honestly believed until two months ago! Two months ago from one second to the other I was no longer the owner of my own website name!!! Yahoo had sold my name!!! Without my permission, without my knowing about it they sold my artdeev.com to an Australian Domainname company. What the f**k happened, what went wrong? I didn’t understand. Seems that the contract of 10 years expired, and also the 40 days above that time. How could this happen? What mistake have I made? They didn’t ask me, they didn’t contact me, nor the friend who created the site ten years ago! She still seemed to be the official owner, she still lives at the same address, has the same phone number as 10 years ago. Suddenly there it was, my mistake: I didn’t have the password or an email-address linked to the creation of the site! I never knew or asked my friend about it and she thought she gave it to me. So maybe (?) Yahoo has sent out an email to notify about the expiring? Thing is that neither I nor my friend ever opened this mail address at all in ten years’ time, so you would think the mails must have been returned to the sender and they therefore would phone or write to the post address of the owner!? No, expired, sold, new owner. And what about my own name then and my mail address, it is on the site and I always paid them with visa, so they knew my name.

    When I contact the ‘new’ owner two days later and I put a back-order (to see if I can buy it back) for the site I get no answer. In the meantime another friend of mine who is an IT consultant and journalist is contacting the Yahoo-chiefs in Europe and America about this matter. A few days later the site becomes an online casino and a few more days later the site gets its 3rd owner!?, again a domain-seller company, in Portland this time. When I ask to buy my name back the answer is dry and clear: “Our domain sales experts can research the availability of any domain name. Simply enter an offer of $2500 or more and we’ll get started!” Simply? Excuse me, I forgot to pay $10 for the whole year, so this is what you have paid for it also!!! Nice business!!!

    The story is even a little bit more complicated, but these are the most important facts. So on the other side of the world a company owns my site name now, they have caused me more than one month not to be able to work,… I live with my family from my work and as most of you people know how hard it is to make a living out of art. But Big Brother only looks at the rules, rules that he has written! No compassion, no humanity, no feelings, no heart, NO ART!!! “Simply” would have been that when I noticed the site was gone I could have acted, I could have bought it back and paid a tax for being too late. If today you type in the words ‘vanorbeek david’ on Google, artdeev shows up. A site about gambling, poker, bingo, nothing to do with me at all, but my name is associated with it! Is this legal then, because what they did is legal!!!

    I would like to ask all of you, little brothers and little sisters, as a sort of support and as proof that you have read this story so you don’t have to write the same in the future, to ‘participate’ (this is symbolic) (push “participate” in the head of the page) in this event and maybe to “invite your friends” (also push “invite friends” in the head of the page) so they can read, join and share. As I, you are not alright with this situation and the way it works. Who does he think he is this Big Brother, doesn’t he know the story of David and Goliath? Spread the news!!!

    Make sure you control the expiring date of your website!!!

    Thank you
    David, alias
    (Art)Deev

    New name http://www.vanorbeek.com

     

    https://www.facebook.com/events/530685256950446/permalink/530707023614936/

  • Jessie

    OMG- My website got hacked last year, and it was such a mess. I had 2 other websites hosted on my same FTP server, and they were all being redirected to some weird website selling pharmaceuticals or something. I worked on it for probably 2 days before I gave in and started looking for professional help. I found a website called eSecurityPros.com and worked with their technicians. They had my sites completely fixed, up and running in a day. The whole thing costs about $200, but definitely worth it. I’d recommend them to anyone.

    • Scurit

      There are a lot of scam companies that claim to be experts in malware removal. eSecurityPros.com has only been in business for about 5 months. Trust real experts, with security credentials and degrees – scurit.com. We also don’t charge 200.00 because we know what we are doing and have been in the industry for over 15+ years, not 5 months.

  • Sonali Singh

    I have first-hand experience and know it can be such a hassle to deal with. Later I started using http://totalwebsecurity.com to harden my website. It is a brilliant tool to protect our website from malware and hackers and getting blacklisted by Google. Awesome !!!

  • zodiac legend

    My business fan-page just got hacked. Fb support was USELESS and didn’t know how to assist me in getting it back. It had 12 000 fans and was created in 2009.

    So much for their `loyalty’ …

  • Piter