What To Do If Your Website Is Hacked (and how to prevent it)

I managed almost two years without experiencing a cyber attack on this website but a couple of months ago it was hacked. EEK!!

The first I knew about it was when a fellow blogger flagged up a dodgy looking link embedded in my header (thank you SO much Samantha from North East Family Fun). It contained a word of a sexual nature!! Aaaahhh! HELP! How on earth did it get there? What should I do? It was a horrible feeling and a bit violating, like a burglar going through my knicker drawer or something. It didn’t help that I was overseas at the time without my laptop. I felt completely helpless.

I finally got it sorted with the help of some I.T experts my husband knows but I had a good few days of stressing and contacting my host and WordPress to try to figure out how to sort it and worrying that I may have lost much of my content as I didn’t have my site backed up.

It was probably a simple fix for a technical expert but for someone who has little clue about the internal workings of websites it felt like a really big deal. Last month my website got hacked AGAIN prompting me to take more permanent action. From my experience and investigations, here’s what you can do if you think you may have been hacked. I use WordPress but I am sure much of it will apply to other publishing platforms.

What to do if you think you’ve been hacked 

1. Check your site from an external source and see where the breach has occurred. Hackers are sneaky, I couldn’t see the offending link from my devices or from my WordPress preview screen. It also was not visible in the mobile version – just the desktop. When I eventually opened it from a computer it was there in all its glory.

2. Back up your site! (More on this below)

3. Contact your publisher – in my case it was WordPress. They were pretty good at responding and making suggestions about what I could do but couldn’t fix it themselves.

4. Learn some basic coding skills OR get friendly with some techie people!! That is what I did! Thankfully, they were able to help and I have no doubt it would have taken them a matter of minutes and I am eternally grateful.

5. Contact your host (in my case it was FatCow). They confirmed I had been hacked and gave me suggestions on what to do and how to prevent it BUT I had to purchase a package for it to be resolved. This is what I did after the second hack attack and it was dealt with swiftly.

6. I recommend taking down your site until it is fixed or your host may automatically do it to prevent blacklisting. If search engines like Google detect malware on your website they may blacklist you, damaging your reputation as well as your search engine rank.

7. If you have backed up you site, delete the infected site and republish your site.

8. Change your passwords on your publishing site and the log in on your host site too.

How to prevent a hack attack in the first place

1. Ensure you have strong passwords (using a mix of capital letters, numbers and special characters).

2. Update your site with the most recent plugins, the latest WordPress version and any other software is updated. If it is running old programs it makes it vulnerable and easier for hackers to get through. I am pretty certain this is why my site was attacked.

3. Install a security plug in. I have since downloaded the free WordPress plugin Sucuri which notifies me whenever someone has unsuccessfully logged onto my site. Although they can’t stop a hack attack, at least I get a heads up when it looks like it is under attack.

4. Make sure you have backed up your website. Thanks to Aby at You Baby Me Mummy, I have discovered there is a plugin for this – Updraft Plus.

5. Scan your personal computer with good antivirus, antispyware programs.

6. My host recommended I purchased an extra security package, SiteLock. After getting hacked for the second time and two days completely off line because my host had taken it down, I purchased SiteLock + 911 which didn’t need me to have a backup of my site, removed the malicious code and conducts regular checks. In fact, I have since had another two attempted hacks which have been prevented. Hooray. In my eyes, definitely worth the small amount of money I paid.

Have you ever been hacked? What did you do and what other advice do you have? Would love to hear your thoughts and I am sure I can’t be alone.  

How about pinning it for later?

What to do if your website is hacked and how to prevent it

The List
Post Comment Love
The Dad Network
Best of Worst


SUBSCRIBE TO OUR MAILING LIST

For the latest news, posts and competitions sent directly to your inbox -
sign up below:


*You can view our privacy policy here


Wander Mum

I've always loved to travel so when my two daughters came along, I didn't stop. Travelling as a family can have its ups and downs but I love showing my children the world and helping others navigate travelling with children in tow.

28 Comments
  1. Oh I can’t imagine how upset you must’ve been – it is such a violation of everything that you’ve put into your blog. Some great tips here.. I use Updraft Plus which is great for backing up but I need to look into that Sucuri. Thanks for sharing and so glad you managed to get everything sorted in the end 🙂 #TheList x
    Mum in Brum recently posted…Things you learn by 30My Profile

  2. Hi Elizabeth, pots like this are so helpful, but also quite scary too as it brings home the risk of being hacked is real!

    Luckily so far I’ve not been hacked and I’d probably have a melt down if I did. I do get my site backed up daily on BlueHost and so far they have always been a great help when I have needed it (oh and I’ve needed it!). In my mind I have also planned the second phone call I would make in the case of being hacked (a nice chap who calls himself the PC Dr. He is totally unaware of this, but he’s always sorted our PCs out quickly and without fuss).

    A really great post with great advice. Thank you for sharing.

    #PoCoLo
    Debbie recently posted…Oh Me, Oh My! I’m Back From My Unscheduled Break…My Profile

    1. Thanks Debbie and for sharing. Always good to have a PC Dr on stand by if ever needed. Well done on backing up your site – I learnt the hard way. Will have to check that link. Xx

  3. Very informative post! I’ve never tried been hacked YET! but I’ve notice a lot of unsuccessful logins which I tried to block every time I see one. I have installed that Updraft Plus now to backup my website too just in case. Thanks for sharing! #bigfatlinky

Leave a Reply

Your email address will not be published.

CommentLuv badge

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Pin It on Pinterest