Learn how to recover from a hacked website and prevent future hacks.
If your website has been hacked recently, review the recommended steps below to recover a hacked website and prevent future hacks.
Recovering from an attack
- Request details about the hack from your hosting provider including how they believe the site was hacked.
- Request your hosting provider remove the malicious content placed on your website.
- Resolve site warnings in Google Webmaster Tools and resubmit your site for Google’s review once the hack has been resolved.
Preventing and mitigating the risks of a future hack
To reduce the probability of future hack, take the following actions:
Always update your Content Management System (CMS)
If you’re using WordPress, for example, ensure you’re on the most recent version of WordPress. CMS platforms push out updates to address known vulnerabilities. Always upgrade to the latest version when it becomes available.
Ensure your plugins are updated
If you’re using plugins or extensions on your website or CMS, keep them updated.
Activate Cloudflare’s Web Application Firewall (WAF)
Customers on a paid Cloudflare plan can activate the WAF to challenge or block known malicious behavior.
Secure your admin login
Backup your site
If your site becomes hacked, avoid losing valid content by using a service like CodeGuard to restore your site from a backup.