My website was hacked. What should I do?

This article will explain what you should do in the event that your website has been hacked.

Cyberattacks are an increasing threat to online businesses, with around 2,200 attacks happening every day. Don’t panic though, as we have a few simple tips on what you can do to mitigate this issue.

To start with, we recommend that you perform a security check on your website with Sucuri’s free tool. Simply enter your domain name into the provided field and Sucuri will highlight any threats or breaches.

If you’re given a warning message, then you will need to do the following as soon as possible:

Step 1 of 4

Change your passwords

This includes the passwords for your FTPS users as well as your databases. Be sure to use a mixture of upper and lower-case letters, numbers and special characters (i.e. . ! # , *). For details on how to do this, please read the following articles:

  1. Changing your FTP password
  2. Changing a database password
  3. How do I update the database password within my configuration file?
  4. How do I edit FTP users in my Hosting account?


Step 2 of 4

Review your site’s files

Check your hosting package’s files for any files that have an odd or suspicious name (or ask your developers to do this for you). You should also check your .htaccess and Homepage files (i.e. index.php, index.html, index.htm) for any dubious code.

Step 3 of 4

Restore your files from a recent backup

If you have a previous, clean version of your website and databases, then you can restore them in your account by following the instructions in this article: How do I restore a backup to my hosting package?

Step 4 of 4

Contact our Support team

Please raise a ticket or start a live chat with our Support team so that we can take any necessary actions.