• What happened when my website was hacked

    A guest article from John McGarvey. He writes about subjects like IT security and web hosting for IT Donut.

    It all started one morning with a worrying email subject line: ‘Your portfolio page may have been hacked’. Inside was an unsolicited message from a friendly web developer, letting me know that my website’s usual portfolio page seemed to have been replaced by some offensive adult content. Not what I wanted to hear. 

    After a short period of panic, I pulled myself together to investigate. At first glance, nothing was out of the ordinary. My copywriting website looked normal.

    But when I tried some experimental Google searches, I got a nasty shock. Although you could access my website fine by typing in the address, visitors clicking through from Google were being redirected to another site, where they’d see some entirely different and wholly inappropriate content.

    The .htaccess hack

    I had fallen victim to one of the most basic website hacks out there. Someone or something (perhaps an automated hacking script), had altered the settings in my website’s .htaccess file so it maliciously redirected visitors to the dodgy site.

    The way it had been done meant that only visitors arriving from search engines would see the dubious website. If you typed in the URL then the site looked fine – so at first glance it wasn’t obvious anything was wrong.

    Of course, if I’d used StopTheHacker Malware Protection then I’d have seen the issue straight away. The malware would even have been removed automatically, keeping me safe the whole time. But as it was, I only found out because a kind-hearted visitor emailed to let me know.

    I was aware how lucky I was. Had the problem gone undetected, I would almost certainly have been blacklisted by Google, leaving me struggling to find new clients.

    Getting things fixed

    With the problem identified, it was easy to log in to my web hosting and remove the dodgy code. My website uses WordPress, so resetting passwords and deleting a suspicious username seemed to prevent the dubious code being reinserted.

    But even though I managed to address the most pressing problem, it was hard to be certain I’d eliminated all traces of the hack. As I rely on my website to promote my services and bring in business, it wasn’t something I wanted to leave to chance. As a result, I spent most of the rest of the day running the site through security scanning tools, installing and updating plugins and reading up on WordPress issues. But even then, I wasn’t convinced my skills were a match for a determined hacker. I could easily have missed something.

    That was when I decided to bring in the professionals. They were able to delve deeper into my site, cleaning up other traces of the breach and giving me pointers to stop it happening again. Phew.

    Security breaches cost you

    I’m well aware that I got off lightly this time round. The whole situation could have been an awful lot worse.

    Yet even this minor security breach cost me. I spent about a day setting things straight, and had to pay the developer to investigate in more depth. What’s more, I’ll never know how much business I lost because potential clients were seeing offensive content instead of my amazing portfolio.

    As a result, I now have a much more proactive approach to security, with monitoring my website for malware, backups and updates all taking place regularly. I urge you to learn from my mistakes and do the same. Because if you don’t, one day you might receive a worrying email, just like I did.