A Step-by-Step Guide
Experiencing a website hack can be an incredibly frustrating and unsettling experience—akin to having your car stolen or your home broken into. However, with the right web hosting provider, a hack doesn’t have to be a catastrophe. It’s a significant inconvenience, but one that can be resolved efficiently with the proper steps.
In most cases (about 95%), website hacks occur due to outdated scripts, such as an old version of WordPress or an ecommerce platform that hasn’t been updated. Software updates are critical for security, as they patch vulnerabilities that hackers exploit. Fortunately, our free script installer ensures that your scripts are automatically updated, reducing the risk of such attacks.
If your website has been compromised, follow these steps to restore it safely:
Step 1: Accept That a Fresh Start Is Necessary
Once a website is hacked, the best course of action is to completely reset the hosting account. This means all existing files must be removed, and a clean installation must be performed. Keeping old, potentially compromised files can leave security vulnerabilities open for further attacks.
Step 2: Request cPanel and FTP Access from Your Host
Ask your web hosting provider to grant you cPanel and FTP access while redirecting your domain’s DNS elsewhere (e.g., a placeholder page). If your account has a dedicated IP, it may need to be removed temporarily.
Step 3: Back Up Your Databases
Before wiping your site, save any essential databases.
- In cPanel, navigate to the Backup section and download your database.
- In phpMyAdmin, select your database from the left panel, click Export, and save the
.SQL
file with default settings.
Step 4: Download All Files via FTP
Use an FTP client to download everything, including the hacked files. These server files will not affect your personal computer. Keeping a copy can be helpful for reference or forensic analysis.
Step 5: Take Note of Other Settings
Document important configurations such as email accounts, redirects, and any tools used in cPanel. Creating a checklist will help streamline the restoration process.
Step 6: Ask Your Host to Format Your Account
Once you’ve secured your backups, request your hosting provider to wipe your account completely and start with a fresh environment.
Step 7: Reinstall Necessary Scripts
- If your website runs on WordPress, Joomla, or another CMS, reinstall it from scratch.
- If you’re using Web Host Pro, use the script installer and enable automatic updates to keep your software secure.
Step 8: Restore Your Database
Do not use the cPanel restore option. Instead, follow these steps in phpMyAdmin:
- Select the database on the left panel.
- Delete all existing tables.
- Click the Import tab and upload the
.SQL
backup you previously saved.
Step 9: Restore Media Files Cautiously
Your website is back online, but you may notice missing images and videos. To restore them via FTP:
- Only upload media files (e.g.,
.jpg
,.png
,.gif
). - Avoid uploading any
.php
files unless you are 100% sure they are clean. Hackers often use malicious PHP scripts as “backdoors” to regain access.
For WordPress users:
- Upload only the
/wp-content/uploads/
folder after removing any suspicious files. - Alternatively, use the WordPress media upload tool, but note that images will need to be manually re-linked.
Step 10: Final Touches & Security Measures
Now that your website is operational again:
- Reconfigure email accounts and settings.
- Reinstall or update your theme and plugins.
- Take this opportunity to enhance your site with modern security best practices.
Critical Security Reminder
Never upload a .php
file unless you have verified its integrity. Malicious PHP scripts are the primary way hackers regain control of a compromised site. If you have expertise or a trusted developer, you can manually review PHP files—but this is an advanced process.
By following these steps, you can recover your site and strengthen its security for the future. If you need assistance, Web Host Pro is here to help ensure a smooth restoration process.