Google recently published a post about the #NoHacked campaign on July 27th on its official Google webmaster blog. In their blog, Google stated that they noticed an 180% increase in the number of websites getting hacked over the past year.
Many websites have reported that they received a message from Google stating that their website has been hacked. In fact, you will notice that these sites are labeled with “This site may harm your computer” or “This site may be hacked” message. These messages discourage searchers from clicking on your site, in fear of getting some sort of virus or be redirected to spam or malware.
Also on TechWyse
Is My Website Hacked?
For many business owners, webmasters, blog owners, and anyone who owns a website, having your website hacked is one of the most troublesome issues to encounter. Unfortunately, some hacks aren’t easy to identify.
When your site is hacked, it means that someone has gained access to your website. This allows the hacker to perform any action on your website. They are able to add spam text, redirect visitors to other sites, install viruses on visitor’s computers, and collect information from your website.
If the problem is not addressed, your website traffic will definitely be affected.
How to Recover My Hacked Website
There are several ways to address the issue you are facing. Here is how you can get started on recovering your hacked website.
1. Verify Site and Remove Users
You need to register and verify your website in Google’s Search Console first. You can verify your ownership through meta tag, HTML file, or through your domain name provider, and Google Analytics code.
When you’ve verified your site, you can check the security issues you are having. Search Console will also show details on the pages and URLs that might be hacked.
Then, head over to Manage site and look at the users and owners listed for your website. Make note of the email addresses of any unauthorized users and delete them from your users and owners list. Remember to remove any meta tag or HTML files that were used to identify those myseterious users.
2. Contact Your Host
It’s important to find specialists that can help you recover your website. Your website host know your website, hosting environment, and configuration the best. They also store the files for your website and allow them to become accessible over the Internet.
First, try looking for FAQ sections and discussions that are related to the issue you are having. You can see if there are readily available answers that can help you quickly resolve your website. If not, reach out to them via email or phone to chat with them directly and let them know about the issue you are having. They will be able to support you in recovering your website.
3. Seek Help From Discussions
The Internet is an endless resource of information and tools. There are many experts online that can help recover your hacked website.
Try searching online in forums that are related to your issue. Google Webmaster Central discussion forum contains a subforum on hacked websites that allow you to connect with top contributors in the community.
Chances are, there are many resolved issues and methods that you can try to fix your site. You can also post your issue in the forum and have them answered in the community as well.
4. Request a Review from Google
If your website provider has removed the hack on your website, you can complete the review for phishing here.
In addition, you can request a review in the Security issues section in Search console. The process will take some time and once completed, you will receive a message in your Search Console. However, make sure your website is clean and secure, or else the message will remain.
If you’re still experiencing issues with malware on your site, check out Google‘s page for more technical solutions!
Now that your website is free from hackers, it’s important to ensure that you’re preventing the issue from re-occurring. Here are a few tips on keeping your website safe.
How to Keep My Website Safe
1. Password Protection
As we all know, a strong password contains a combination of letters, numbers, and symbols. However, Google says this is not enough to protect your site.
Password length plays a crucial role. The longer your password, the more difficult it will be for hackers to guess it. Therefore, you should lengthen your password to include a combination that is hard to decipher.
There are various password testing tools available on the web where you can check how strong your website is. Keep in mind that you should not share your password with other sites, so when you’re testing your password, put in a similar or variation of a password you’re looking to use.
Also, never use the same password again and again. Hackers mostly try to use known user names and leaked passwords from leaked password lists.
In addition, Google suggested in using 2-factor authentication, which can increase your site’s security and make it strong to fight against hacking attacks.
2. Updated Software
Google suggests keeping your software up-to-date because your website becomes more vulnerable when it is outdated, allowing hackers to easily take control over the website.
If you are using a web server like Apache, Nginx, or any other commercial web server, make sure you keep your web server up to date. If you are using Content Management System (CMS) or any add-ons on your site, ensure that you’re keeping your system updated.
If there are any add-ons that you are not suing for your website, remove them completely from your system. In addition, if there are any old add-ins that are interfering with your website, ensure to remove those as well. If not, you will only increase the chances of hacking and affect the performance of your site.
3. Professional Hosting Provider
If you use a hosting provider, Google suggests contacting them if they provide 24-hour customer support for dealing with any kind of issues.
Go the web and check their reviews. Do they have a good tracking record with clients? What are people saying about their services? Choose one that is authoritative and trusted by other websites as well.
If you are managing your own in-house server, then you should always be ready to deal with any kind security issue that might arise. Talk with your web developers on the team to ensure there is high security on your server and WordPress is updated to the latest version.
If you don’t have time to manage your own server administration better to find a hosting provider who offers a complete managed hosting solution.
4.Powerful Network Security
Many of us are using powerful network securities, but is it strong enough to stop attackers hacking your site?
There are some useful points to keep in mind when you are using network services in your office.
- Log out of the session after a short period of inactivity
- Beware of bugs and install high-quality antivirus.
- Train your employees to use the anti-virus software, so they can use it if they see any attacks, phishing, and malware files.
- Stay alert if you are connecting your LAN to other hotspots of any local cafe.
- Try not to save your password and auto-fill because this creates vulnerability for your accounts.
- Use Software Firewall – If you are directly connecting your LAN to the Internet, make sure to activate your firewall software. It will protect your site from notorious and dangerous viruses like Torjan Horses, Code Red, Melissa, etc.
5. Switch to HTTPS
HTTPS or Hyper Text Transfer Protocol Secure allows secure file exchange of files on the World Wide Web.
Moving your site HTTP to HTTPS gives you confidence and reassurance because hackers can not hack HTTPS websites and it enables encrypted communication and secure connection between a remote user and the primary web server.
It keeps your data and information safe from hackers. It also prevents malicious users from stealing information from your site.
HTTPS has been mandatory for all website who have online traction features because of its high-quality security.
Recently Google announced that HTTPS will be a search ranking factor. Since then, a lot of sites have been migrating to HTPPS.
So, if you have not moved on HTTPS then go for it before it get late, because it not only providing security to your site but also will help it in ranking.
6. Google Tools
Google offers a number of services that can notify you with any suspicious activity on your website and alert you about that risk.
It’s important to have an account on Google Search Console (formerly known as a Webmaster Tools) if you aren’t already using it. It contains some of the best tools from Google and communicates about issues communicate with you about issues if they found anything suspicious including hacked content.
You also can set up for Google Alerts on your site to get notifications about any suspicious results for your site.
You can also set up multiple alerts for you website about various spammy terms that may affect your site.
It can be very troublesome when your website is hacked. Although recovering from a website is extremely crucial, it’s also important to put in preventative measures to avoid the issue again. I hope these tips will be useful for you and help secure your website. If you have any additional questions about this topic you can join Google Hangout on Air about Security on August 26th!