What to do when hackers happen
Your Website Gets Hacked and then what?
Whether you have your own business website or just a hobby blog, it is becoming more and more likely that your website will be "hacked."
This means:
One day, without warning, visitors will see, instead of your business site, a fake bank page that tries to download infections to anyone landing on it, a phishing scam designed to trick visitors into revealing their personal information, a combination of these, a simple page saying "website hacked by xyz" just for the fun of it, or something worse.
This will probably start to ruin your business reputation with existing visitors, customers and potential customers.
Then, if you don't notice and take action right away, and enough concerned visitors report your site as malicious, your site will be added to the "blacklists" and "block lists" that many ISPs and others use to prevent unsuspecting users from even visiting your site.
So, instead of landing on the hijacked site they'll see a warning that will, in essence, say "We have prevented you from visiting this site because it appears to be malicious or infected."
This is not just theoretically possible, it's a growing trend.
My focus here is on business websites that you spend time or money on to get good results in search engines, and that you use with your marketing materials and business cards.
What to do after your website has been hacked?
So, it's happened to you. You visit your web site and see that all of your material is gone, replaced by junk or a big warning or emptiness or an error message. What should you do?
Contact your hosting company before they block you too. And yes, if a malicious infection has been injected into your site, hosting companies will block it, and the onus to fix it is on you!
If your web developer has an agreement with you to maintain your site, that is the best possible option. If not, let's start the work.
Try to sign into your web hosting account via cPanel or FTP. This is where the raw data comprising your web site (your text, pictures, layout, and other information) is stored.
Once you can sign into your hosting account, look at what's there and assess the damage to your data. In the simplest case, the hacker may have changed only a few key files. In the worst case, you'll need to delete what's there and replace it by uploading a backup copy of your web site's content.
BACKUP? WHAT IS BACKUP? Nobody told you to do backups. Well, ignorance is not an excuse.
If your web site had malicious content on it long enough for it to get noticed and "blacklisted," then once your content is restored you will also need to contact various companies to get your web site removed from their blacklists before the rest of the world will be able to see it again.
This is a somewhat involved process, so I recommend contacting your web design person or computer consultant, or google "remove my web site from blacklist" to get started yourself.
Once your website is back, take these steps as well:
1. If it is an application, make sure you have applied the necessary upgrades and updates to all of your application components, plugins and modules.
2. Check the rest of the settings in your application and hosting for other changes that the hacker may have made, including your security questions, alternate email addresses, or other mechanisms they could use to break back in.
If you changed any passwords, update your password chart or database, and notify anyone else who needs to know them, including your web design person, but don't send any passwords via regular (insecure) email.
How did this happen?
How did they break in?
It's difficult to know for sure without evidence, but here are some likely explanations: The hacker may have broken into your account by guessing your password, tricking you into revealing it (phishing), or possibly hacking into the hosting company's customer records, etc.
As an application gets older, it becomes much easier for a hacker to get into it, especially if you use open source applications such as WordPress, Joomla or Drupal. It is necessary to update applications and make sure every single component and plugin is regularly updated.
If your version of the application becomes obsolete, redesign or upgrade your site.
The hacker may have broken into another customer's web hosting account, then found a way to "poke around" the hosting company's system and got into your account without ever needing your password.
Who would do this? Why?
Apart from someone targeting you personally, the most common types of hackers are:
Gangs of thieves from all over the world looking for ways to eventually steal money, and
Bored teenage hackers with excellent computer skills and nothing better to do with their time than destroy someone's digital life, and you had the misfortune of coming to their attention.
How can you find out promptly that your web site has been hacked so you can get it back more quickly?
Early detection of your web site getting hacked boils down to two methods:
- Manual checking: You could check your web site's home page every day, either by making the effort to visit it, or making it your web browser's home page so you'll see it every time you open your browser.
- Scheduled monitoring: There are a number of services out there that you can use to monitor your website, depending on the application it runs.
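A scheduled check can also be a small script run from a scheduler such as cron. The sketch below is an added example, not from the original article; the sample pages, the phrase list and the 50% size threshold are assumptions chosen for illustration.

```python
import urllib.error
import urllib.request

# Constructed sample pages standing in for a normal and a defaced home page.
GOOD_PAGE = ("<html><title>Example Bakery</title><body><h1>Example Bakery</h1>"
             "<p>Fresh bread daily. Opening hours and contact details below.</p>"
             "</body></html>")
DEFACED_PAGE = "<html><body><h1>website hacked by xyz</h1></body></html>"

def fetch(url, timeout=10):
    """Fetch a page and return (status, text); failures become (code, "")."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", errors="replace")
    except urllib.error.HTTPError as err:
        return err.code, ""
    except (urllib.error.URLError, OSError):
        return None, ""

def check_page(status, body, required_phrases, baseline_size,
               warn_phrases=("hacked by",)):
    """Return a list of alerts; an empty list means the page looks normal."""
    alerts = []
    if status != 200:
        alerts.append(f"unexpected HTTP status: {status}")
    text = body.lower()
    for phrase in required_phrases:
        # Text that is always on your real home page, e.g. the business name.
        if phrase.lower() not in text:
            alerts.append(f"expected text missing: {phrase!r}")
    for phrase in warn_phrases:
        if phrase.lower() in text:
            alerts.append(f"defacement text present: {phrase!r}")
    # A page that shrank by more than half was probably replaced or emptied.
    if baseline_size and len(body) < 0.5 * baseline_size:
        alerts.append(f"page shrank from {baseline_size} to {len(body)} chars")
    return alerts

if __name__ == "__main__":
    # On a real schedule, replace DEFACED_PAGE with fetch("<your site URL>").
    for alert in check_page(200, DEFACED_PAGE, ["Example Bakery"], len(GOOD_PAGE)):
        print("ALERT:", alert)
```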
How can you make it easier to recover from being hacked? I recommend the following for you (or your web design person) to do:
Maintain an up-to-date backup copy of your web site's content.
Keep track of your current hosting account passwords in a secure chart or database.
Keep written instructions on how to get into your web hosting account and upload your web site's content. This online storage area is usually called your "FTP site" (file transfer protocol).
Do your backups. Dum & Co installs free backup facilities on your application, and you can also use cPanel.
How can you prevent your web site from being hacked in the first place?
Prevention isn't easy or obvious. I recommend:
- Use unique and strong passwords for your web hosting account.
- Keep your passwords safe, and don't send them by regular (insecure) email.
- Scan your computer for malware on a regular basis, since it is the mission of many infections to steal passwords.
- Back up your website on a regular basis. Store your backups in a safe place.
- Upgrade and update your application regularly.
Having your web site broken into and destroyed is terrible, but it doesn't have to be devastating. Take some preventive measures, but also be prepared. It's not that difficult!
If it happens, the sooner you can detect it and recover, the less "downtime" you'll have and the fewer blacklists you'll need to remove your web site from.