Website hacked, now what?

When you have a website, there’s always the possibility that someone will try to hack into your site sooner or later. If you operate a successful site, jealous people will want to bring your site down, but that’s not the only reason. Your website could also be hacked into if there’s a security hole. Although I try my best to stay on top of the security of the sites that I operate, one of my websites got hacked on the 30th April 2010. The reason for the attack was for the hacker to put some links on my website.

It might seem that the attack was not catastrophic after all since only links were uploaded, but if you look at it from my point of view, you will see how bad this hack is. First of all, the hacker was able to delete files from my server and create new directories and files. This was all done through a script which he managed to upload to my site. He deleted only one file on my site, but that was enough to bring pretty much the whole of my website down because everything is controlled by the .htaccess file, which was deleted. This resulted in 404 errors (page not found), which was not good for my traffic (traffic plummeted to nearly zero), user experience and the almighty Google. Google crawls my site every day without fail and it found so many 404s on that day that I was scared it was going to remove all these pages from its index. Fortunately this didn’t happen.

However, the hacker created a few directories where he uploaded pages with loads of links on my site. Now my site had nothing to do with recipes, but the hacker uploaded recipe links on my site and pinged about 100 servers including Google, Yahoo and other search engines. Most of the sites which were pinged followed the request and started crawling the recipe pages on my site. This is the worst kind of attack because it sets your site as a spamming site. A few days after the attack, Google Webmaster Tools had a message for me which stated that the pages with recipe links that it crawled looked spammy and they were going to remove them from the index, which was absolutely fine with me. I was relieved that they didn’t penalise me in any way for having these spammy links on my site.

To make things worse, I was on holiday when my website got hacked. Fortunately for me, I like checking my website stats every day and when I saw a drop in traffic, I thought it had something to do with my hosting company (the server was down). I was really annoyed at the hosting company because it never happened to me before that my site was down for such a long time, but that was not the case in reality. My second thought was that Google was not sending traffic to me (probably some penalty, loss of organic rankings etc.). But while I was investigating the problem, I saw that my website was returning 404 pages for nearly all the content on the site. This is where it clicked. I looked for the reason and realised my .htaccess file was no longer there. After getting the hosting company to get a backup file up, the website was operating fine again. I then changed all passwords and analysed what went wrong.

I saw files and directories had been created and that could only mean one thing – my password had been compromised. I don’t know how it happened. It could have been worse, but fortunately I was able to get the site up and running the following day. If I hadn’t noticed the problem just after it happened, I would have lost all traffic for at least a week along with the income that the site makes, but most importantly, it would have taken the site a lot longer to rank back afterwards.

