I’m working with a client on a new website for them. While DSM is working on their new website on our development server, their old website was up and running on their old server. The normal protocol is that once the new website is ready we switch from the old to the new, usually switching the servers at the same time.
“Normal” went out the window when we discovered that the old site had been hacked and was being used to promote ISIS! Not good and not something you’d want your clients to see!!
We were able to track down the client’s domain registrar and the hosting server but the client could not locate either the hosting account log-in credentials (if they ever had them) or their website log-in info.
Fortunately we were able to create a temporary coming soon page on our server and directed all traffic to it, instead of the hacked site. This gives us the opportunity to finish off the new site without having to battle the hackers.
The good news is that hacking generally isn’t personal – the hackers are essentially after the “low hanging fruit” of vulnerable websites, however this brought to front-of-mind how important it is to have a plan of action ready if your website has been hacked. The plan has two components: 1. Record Keeping & 2. Website Management
Record Keeping
We all have 10,000 things to keep track of in our business; sales, expenses, office supplies, etc. Keeping track of website, hosting and domain registration accounts is one thing that often slips through the cracks – but at times like this, when your website has been hacked, its vitally important you have those details to hand. Here’s what you need to have:
- Name & account details of your domain registrar – sometime in the past you (or your secretary or your web guy) registered your domain name (for example, it might be yourcompany.com) with a registration service. The biggest domain registrar out there is GoDaddy although there are many others. Having this info will allow you to switch where your site is hosted if the hosting server becomes compromised.
- Name of your hosting server company – most small business don’t handle the day-to-day management of their hosting, this is often done by your current web guy. However having the name of the hosting company can save time and energy if things have to be rectified quickly. Often the hosting company and domain registrar are the same company.
- FTP access to your website – you as the site owner should have access to being able to move, add and delete files within your website. FTP gives you this access without having to get involved with the inner workings of the website itself.
- Access to the content management system (CMS) for your website – this would be the credentials that would give you access to the dashboard / backend of your website. The most common CMS out there today is WordPress but you might be on a different system depending on how the website was originally set-up.
- Email account passwords
- Name and phone number of your (old) web guy – hopefully your still on good terms with your old web guy and don’t owe them any money. If your records aren’t so good, there’s might be and they can help you out of a sticky situation.
- Optional: Other information that might be useful include domain credentials (domain, username & password), MySQL database info (MySQL is the database that works with WordPress, Drupal, Joomla and many others).
My recommendation is that you keep a written record of all your credentials (usernames and passwords) in a safe place that’s accessible even if your computer isn’t AND a list of the really important ones on your cellphone so you have access to it when you’re not in your office.
Website Management
Like it or not, the security of our website ultimately falls to us – the website owner. Our actions, or more often our lack of actions, are the cause of our websites getting hacked in the first place. Here are the 4 things ALL website owners should have incorporated into their routines:
- Choosing a good hosting server – this is often overlooked by website owners. Surely its OK just to pick the cheapest company that you’ve seen advertising during the Superbowl (yes, I’m talking about GoDaddy) or staying with the guys I started using back in dial-up modem days? Truth is that the security of your site depends on having a great hosting company that includes having built-in defenses and superior tech support (for when things go bad). Not sure how your hosting company stacks up? Google their name + “reviews” and see what comes up. Also listen to your web guy – they’ll usually have their preferred hosting company that they’ve carefully selected for that combination of security, support and speed.
- Backup, backup, backup! Nothing is faster in defeating a hacked website than being able to roll back to a backed up version that you know was clean and fully operational. You can never have too many backups! In my business I get used to taking multiple backups of my work in progress because of my fear of losing my work, but it’s equally important that once a site is launched to take regular backups, especially before and after major updates.
- Update – most WordPress hacks occur when software, in the form of core files, themes or plugins, is old and left in an unsupported environment. Hackers specifically target old software as a way of gaining access to websites and then once in can infect the whole site and in some extreme situations the whole server.
- Security plugin – as with a car thief looking for cars with the keys still in them, most hackers are looking for the “easy” route into a website. Installing a top-notch security plugin that blocks many of the entry points for hackers encourages them to move onto the next website where it might be easier to gain access. There are some excellent free security plugins out there but this is one situation where its probably worth investing some money on a premium plugin.
If you’re concerned as to how vulnerable your website might be I’d be happy to conduct a free, no-obligation check of what’s happening with your site now and what can be done to protect it going forward. DSM offers its clients a comprehensive security package that includes monthly site backups, monthly updates and ongoing monitoring to ensure that all website components are secure and operating correctly with the latest, stable software versions. For more details on this package please give us a call today at 973-234-5623.