Welcome back! In the last part of Hackbusting we talked about what a hack was, what to look for and the first step to take once you’re sure you’ve been hacked. Today, in the second part of Hackbusting, we’re going to address recovery steps, how to get your site back online, and what you can do to prevent it from being hacked again.

You’ve been Hacked

Once you have figured out where the hacker came from, and you have successfully removed any malware/badware, it’s time to move forward and get into site recovery mode.

Here are the four recommended recovery steps:

Step 1: Have all your users and yourself change their passwords. Send out an email, give them a call – do whatever you have to do, just change those passwords! We also suggest that if you have a general admin account, you delete it. It’s always safer to have individual accounts that you can keep track of for situations like this.

Step 2: Do a complete reinstall of your operating system (OS) from a source you trust, such as another household computer or your computer (make sure you’ve done a virus scan ahead of time, and removed any potential problems). Doing a reinstall is the only way to be 100% sure you’ve completely rid your site(s) of the hack.

Step 3: Use your clean back-up. There’s a reason we back up things, and this is a perfect example why! Once you’ve searched through your backup and are completely sure it’s hack-free, replace all existing files with the backup files and restore your site.

Step 4: Update all of your software. Go through your weblogs, platforms, content management systems, and/or any software from a third party, and make the necessary updates. This will help increase the security of the site and smooth out the online re-installation process.
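
Once the backup files are in place (Step 3), one way to confirm that the live site really matches the clean backup is to compare file hashes between the two folders. The script below is an added example, not part of the original article; the folder layout and sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def tree_hashes(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def compare_to_backup(backup_dir, live_dir):
    """Report how the live site differs from the clean backup."""
    backup, live = tree_hashes(backup_dir), tree_hashes(live_dir)
    return {
        "added": sorted(set(live) - set(backup)),    # not in the backup: inspect first
        "missing": sorted(set(backup) - set(live)),  # restore was incomplete
        "changed": sorted(f for f in set(backup) & set(live) if backup[f] != live[f]),
    }


def build_sample(base):
    """Constructed sample data: a small backup tree and a live tree that differs."""
    base = Path(base)
    files = {"index.html": "<h1>Home</h1>", "js/app.js": "console.log('ok');", "about.html": "About"}
    for side in ("backup", "live"):
        for name, body in files.items():
            path = base / side / name
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text(body)
    (base / "live" / "js/app.js").write_text("console.log('ok'); /* constructed extra line */")
    (base / "live" / "uploads").mkdir()
    (base / "live" / "uploads" / "x.php").write_text("constructed unexpected file")
    (base / "live" / "about.html").unlink()
    return base / "backup", base / "live"


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        backup_dir, live_dir = build_sample(tmp)
        for kind, names in compare_to_backup(backup_dir, live_dir).items():
            print(f"{kind}: {names}")
```

Run it against your own backup and site folders by calling `compare_to_backup` with their paths; anything listed under "added" or "changed" is a file the backup does not account for.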

Get Back Online

Alright! The hack has been removed, you’re ready to be back in action, and you’ve learned a valuable lesson that you can now share with your family, friends and co-workers. First off, give yourself a pat on the back for addressing the problem right away, and figuring out how to better manage your site! Now, let’s get you back online.

Here are the three re-installation steps:

Step 1: Get your site back online. Remember how you took it offline in the beginning? Use the same steps to restore its online presence. If you used the 503 return code, remove it. If you used the URL removal tool, request to have the URL re-included in your content again and cancel the removal request.

Step 2: Request a site review. In order to be 100% certain that the hack has been removed from all pages of your site, ask Google to run a site review and get the site completely re-crawled. This will also help Google stay on top of on-going hacks on the internet.

Step 3: Keep your eyes open. Now that you have an idea of what to look for and expect, keep your eyes peeled for any suspicious activity. If you have other users helping you manage your site, talk with them about what happened and make sure they are always on the lookout too.

You’re Back! Now Let’s Prevent…

Glad to see you’re back in action and have successfully made it through one little bump in the road of website popularity! It’s now time to evaluate what went wrong and prevent any opportunity for a future hack.

Here’s what we suggest:

- Review records and stay updated! Review your records from the damage assessment. Use your hack record as a hack report to help you if it happens again. This shows you where to look first!

- Make sure all your OS software is completely updated, all the time. It’s crucial to be extremely diligent when it comes to software and plug-in updates – they help improve security.

- Think about your hosting package, like Microsoft’s Hosted Exchange. If you were unlucky enough to have many sites infected under one server, it might be time to upgrade to a better package that offers a high level of security. For example, if you’re using a shared hosting package and are managing a larger website, it is probably a good idea to move towards a VP hosting package.

Not sure what you need? Do some research, compare and contrast and assess your site’s needs and wants (as well as goals).

One comment

Posted by Ray at 4:59 pm at 26. May 2011

Who you gonna call? HACKBUSTERS!
