There is nothing more frustrating than to have your website hacked, especially if it’s happened more than once. Unfortunately, it is becoming more and more prevalent these days.
The first question our clients ask us is “why did my website get hacked?” Well, according to this report there are a few reasons: 1) access control 2) software vulnerabilities 3) 3rd party applications.
The next question is “how did it happen?” With regards to small businesses, we believe that your site getting hacked was unfortunately, just a coincidence. Something about your website might have been caught by the web crawlers. Or maybe it was a plugin that didn’t get updated, or your version of WordPress is out of date. I could go on and on.
That same report found “that it takes about 30 – 45 days for a new website, with no content or audience, to be identified and added to a bot crawler. Once added, the attacks commence immediately without any real rhyme or reason. It can be any type of website, the only commonality is that it is connected to the web.”
Targeted attacks or (DDoS) are usually reserved for the big boys (i.e. Saks Fifth Avenue, Chipotle, & BlueCross BlueShield) to name a few. These attacks are usually motivated by economic gain. Yup, it’s all about the money.
Alright, so now what do you do?
1) Get your site cleaned. Contact your hosting provider, or do a google search for malware removal service, or contact us. Site cleaning costs anywhere from $250-$500 and some companies will only guarantee that your site remains clean for 30 days.
2) Once your site is clean, check it here.
- Change all of your passwords
- Update your version of WordPress and all plugins
- Add https to your site
- Add a firewall
There is always the chance that your site can get hacked again, but with proper security measures in place, you can greatly reduce the risk.