Getting hacked is a nightmare scenario if you run a website. Your site going down or being infected with malware can affect revenue, your Google rankings, and the trust of your customers.
Unfortunately, websites are attacked every day. Though just a small percentage of these attacks are successful, you should still prioritize security.
At Authority Hacker, as well as teaching our customers how to make money blogging with affiliate marketing sites, we run several websites. Despite our years in the industry, we have never suffered from a successful hack attempt. This is perhaps because security is something we think about a lot.
We have two main strategies to keep attackers at bay. The first includes all the measures we have in place that protect our sites from attacks.
Regularly scanning for malware, implementing a firewall to protect yourself from dangerous traffic, and keeping all plugins and tools up-to-date are essential to keeping your site secure. Using strong passwords and protecting login forms against brute force hacks can also help.
If you want to learn more about how to protect your site, WP Security Ninja has a comprehensive list of ten steps you can take. It covers most bases to consider if you use WordPress.
We also have a backup plan that includes all the steps we will take should our defenses ever be breached.
We hope we will never have to use this document, But knowing it exists gives us peace of mind that should we suffer an attack, we’ll be back up and running as soon as possible.
Our plan is specific to our sites and needs, so we can’t share it exactly. But, this article will explore how to create a backup that will help you get up and running again if your site gets attacked.
Table of Contents
Set Up an Alert System
The first step to recovering from an attack is discovering the breach in the first place. Thus, the first part of your backup plan must revolve around finding attacks and the extent of any damage.
It will often be obvious if you have been hit; your site may be down or your browser may show a warning when you try to access it.
In an ideal world, you’d discover a hack before the malicious actor has time to do significant damage.
Installing a malware scanner is a good way to learn about attacks early. These tools regularly scan your site for signs of a breach and let you know when one has occurred.
Your hosting solution may also notify you of hacks. This is a common service offered by many of the best hosting providers, including SiteGround, HostGator, and GoDaddy. Just monitor the email address you provided to your host to ensure you notice any alerts.
You can see affected pages within Google Search Console. Just head to the security issues section to see if there are any problems on your site. Hopefully, there are no issues like in the screenshot below.
Alert Your Web Host
Your web host will often be able to help you if you have been attacked. Contacting customer support is one of the first things you should do to see what steps they recommend.
Key to alerting your web host is having your login details on hand. Saving your details in a password manager is good practice as it will provide quick access in case of an emergency.
Even if the host can’t do anything, you will typically be able to take recovery steps from within your dashboard. Having access to this page is vital.
Know Where to Find a Specialist
Sometimes, recovering from a hack will be as simple as contacting your host so they can solve the problem, or reinstalling a site from a backup.
In other situations, especially if you update your site frequently or if you keep sensitive customer data, it can be a good idea to hire a specialist. This person will take care of the technical side of finding out the extent of the damage and repairing it in a way that minimizes disruption.
Whether this is worth it for you will depend on multiple factors. If your site is relatively small and static then it may not be necessary. On the other hand, if your site generates significant revenue, hiring an expert could be a worthwhile investment.
If you think hiring a specialist would be worth it, do your research early so you can contact them as soon as you get hit.
Access Site Logs
Accessing site logs will help you discover when an attack took place. Most web hosts provide logs going back months that you can download from within your dashboard.
Knowing when attackers breached your site is important as it allows you to backup from a clean source file.
Sites logs may also tell you what the problem was, which can help you take steps to recover. If they show the attack came through a vulnerable plugin, you can either uninstall it or update to the latest version.
Alternatively, if the problem came from a brute force password attack, you can put in place measures that limit hackers’ ability to perform these attacks.
Reinstall Your Site from a Backup
Reinstalling your site from a clean backup is typically an easy way to recover from a hack. Even if you haven’t been manually backing up your site, most hosting providers will save previous versions you can use in case of an attack.
Just head to your hosting dashboard to see what is available. Hopefully, you have a good idea of when the breach occurred from website logs or real-time scanning. If this is the case, just choose a backup generated before the hack and reinstall from there.
Those with more technical knowledge, or the budget to hire a third party, may be able to remove the malicious code from the website files and database without doing a complete reinstall.
Build a Maintenance Mode
Unsurprisingly, the Google algorithm doesn’t look kindly on sites that are down or dangerous. If your website is affected by a hack, it won’t be long before your search engine rankings start to drop.
That’s why maintenance mode is important. This is a simple webpage that you redirect visitors to that explains that your site is undergoing maintenance and will be back soon.
While this isn’t an ideal scenario, it is far better than continuing to send users to a dangerous site. Your ranking may not be affected much if you get this in place soon.
Preparing the maintenance page before you suffer an attack ensures you can install it as soon as possible. Then, if the worst happens, you simply set the page live and redirect all visitors to it.
Alert Your Team
Alert your team as soon as possible so they know your site is down. Ask people to check whether they have access to everything they need to continue working.
Tell your team to change all relevant passwords. Provide guidelines about password best practices. While many people know they should choose a strong one, they often don’t know what makes a password strong.
Also, consider implementing two-factor authentication on your site. This makes it significantly harder for hackers to access data via phishing or brute force attacks as they need the second piece of information plus the password to login. Installing a tool that limits incorrect login attempts can also protect you.
Finally, consider which members of your team have which permissions and whether this is necessary. If fewer people have access to critical functions, hackers have fewer ways into your site.
Consider Your Customers (And Regulations)
If you store customer data, you’ll need to check whether it has been breached and alert customers where necessary.
In some instances, you may also be required to inform regulatory bodies.
For example, GDPR has a requirement that any company that suffers a data breach that may put those affected at risk should contact the relevant authorities within 72 hours of discovering the attack.
Finding out your obligations before suffering an attack will help you take the required steps should the worst happen.
Preparing for an Attack Helps Minimize Damage
If you own a website, you are a target for attacks. While there are steps you can take to protect yourself, the unfortunate reality is that websites are compromised all the time.
Creating a plan ahead of time will help you recover from an attack as soon as possible, minimizing damage to your site and your Google rankings.