My site has been hacked/defaced/compromised - what can I do?

Unfortunately it is almost impossible for us to determine how your website was "hacked", but in almost every case the cause is a local one, such as attackers obtaining your password(s) or exploiting vulnerable versions of software installed on your website.

We recommend the following steps if you have discovered your website has been "hacked":

1. Change your hosting account password immediately! Steps on how to do this can be found at the following URL: http://www.thiswebhost.com/clients/knowledgebase.php?action=displayarticle&id=2

2. Change your e-mail account(s) password(s) immediately! It is possible that attackers compromised your website by having access to your e-mail address.

3. Restore a local backup of your website from your computer. This should remove all hacked code on your website and leave a last known working/good version of your website.

4. Finally, and perhaps the most important step - upgrade or update any software or scripts running on your website. Out of date scripts may be vulnerable to attacks, allowing hackers to compromise your website. Please be sure to include updates for any plugins or modules you may also be running!

5. Ensure that your website file permissions are set to 644, and your folder permissions are set to no more than 755. You can set file permissions via cPanel or your FTP client. For an easier way to change all permissions in bulk, run the following commands via SSH in your public_html folder;

find -type d -exec chmod 755 {} \;
find -type f -exec chmod 644 {} \;

  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

How do I change my hosting username?

Usernames are automatically generated by the server, based upon the main domain of the account...

How do I change my hosting/FTP or cPanel password?

To change your hosting password, simply follow these steps: Login to our client area. Click...

How can I use Google Apps for e-mail with my hosting?

Using Google Apps for e-mail instead is a very easy process, simply follow these Google Apps...

What are your nameservers?

To have your DNS managed by us and to switch your nameservers, please use the following:...

Can I change the domain name for my account?

Once an account has been created and setup on our servers, the domain name cannot be changed...