What should I do if my site has been hacked?

Modified on Sun, 15 Dec at 3:23 PM

General recommendations


We  pay great attention to security, but sites can be hacked for reasons beyond our control. Many clients use popular CMS on their sites, often of old versions. Such sites inevitably become targets for attackers.


To reduce the probability of hacking, we recommend:


  1. Choose complex passwords and store them in a secure location;

  2. Timely update software, scripts, CMS;

  3. When installing CMS, follow all recommendations of the developers;

  4. Apply special means of site protection.


How can I tell if I've been hacked?


If an attacker has committed a hack to collect data, it is impossible to identify the hack without special tools and auditing. But the most common thing to look for is this:


  1. Banners appeared on the site that you did not put up;

  2. Files that you did not upload appeared in the directories on the hosting;

  3. When you go to the site, there is a redirect to an external resource;

  4. When you click on the links on the site, there is a redirect to a resource unknown to you;

  5. When you go to the site from the search engine, or when you enter the address of the site, the browser shows a warning about the insecurity of going to the site;

  6. You have started receiving emails on your main email about the inability to deliver mail to addresses to which you did not send mail. Most likely you have been hacked and are using the hosting to send spam.

  7. IP of your server appeared in blacklists and there are difficulties with sending mail. You can check blacklists here.


I've been hacked, what do I do?


  1. Change all the passwords you can;

  2. Restore the site from backup and update all software (CMS, scripts);

  3. Update antivirus software on all PCs with access to site management;

  4. Use special means of site protection.



Special protective equipment


We is a partner of Revisium.


Together with revisium.com we provide services of removing viruses, hacker shells and other malicious code from the site. We perform security audit and protection of sites from hacking.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article