Skip to main content
< All Topics

How Should You Do If Your Website or Account Has Been Hacked?

Server security is one area where you do not need to worry, despite the fact that there are numerous possible weaknesses that hackers could attack. Mod_security, Suhosin PHP hardening, PHP open_basedir protection, and other cutting-edge security modules are installed on our servers to ensure the highest level of protection.
To help you find and get rid of dangerous files on your cPanel account, we also have a Virus Scanner.

For information on potential causes, what to do if you think your website or account was hacked, and how to avoid it, check this article.

What Caused It to Occur?

The most usual reasons are:

  • Outdated web apps – Making use of outdated CMS versions (WordPress, Laravel, Drupal, etc.)
  • Nulled or outdated extensions: If third-party extensions, including plugins, modules, or themes, are out of date, they may pose a security risk. Moreover, exercise caution when downloading premium extensions for free from unapproved websites, as these can have been altered to contain malware.
  • Passwords that are easy to guess, are repeated on various services, or were publicly revealed (like if you have it written down on a sticky note at your desk or if you have shared it in a phishing website) are examples of weak, exposed, or breached passwords.
  • Local computer infection – Certain computer viruses have the ability to obtain your login credentials and utilize them to insert destructive code into your webpages.

What Happens If a Website or Profile Is Hacked?

A few things to watch out for could point to a possible hack:

  • Modifications to your hosting package or files not created by you or someone you have given permission to, like a developer in charge of your website
  • Unexpectedly higher resource utilization on your hosting
  • Several bounce error messages are received by one or many of your email accounts but not known to send many emails

The following steps are advised if you observe these or any other strange changes:

  1. Scan your devices with your trusted antivirus software to see if they contain any viruses or malware
  2. Search for any questionable extensions in your browser
  3. Change the passwords on all of your devices, hosting accounts, email addresses, FTP access, and other accounts connected to the website
  4. For hacked websites:
    • Using a backup of the website from a time when it functioned flawlessly and then updating your theme, plugins, and CMS
    • You have the option to download the files for your website and use an antivirus software to verify them.
  5. For compromised cPanel accounts:

Make sure to report any detected malicious activity on your accounts so we can do additional checks on our end.

How Can It Be Avoided?

The following actions can be taken to protect both your sites and your account:

  • Never give someone your password or login information.
  • Make sure you have the most recent antivirus and anti-malware software on all of your devices.
  • Updating your CMS and application extensions to the most recent version is important.
  • Download themes, plugins, modules, and extensions only from reliable sources.
  • Use strong, safe passwords at all times.
  • Turn on two-factor authentication for cPanel.

You can guarantee your website has the best safety possible by following these guidelines.

Table of Contents