What happens when your website gets hacked? Can your current hosting provider get you back up and running as quickly as possible and with the minimum of fuss?
It’s been a while since I put hands to keyboard to write a blog, I always have good intentions of doing regular blog posts but due to the nature of our work and dealing with other people’s businesses on a day to day basis, it generally gets overlooked.
Anyway, a recent situation has put this back at the top of the priority list, so I’d like to share this cautionary tale with you.
One of our web clients has their WordPress site hosted…Elsewhere…and elsewhere had a problem.
What was the problem I hear you ask?
Well, their site had been subject to a hack and was dead. Not only that, but the hackers had also redirected the site to a malicious one, which had their customers clicked on it, then they would also be infected and consequently liable to being hacked.
We knew that our customer’s site was hosted with their IT company, so we immediately requested a backup of the site to restore it, but they didn’t have one, we asked what their backup regime was – and – they didn’t have one.
Not only did they have no backup and no routine in place for backups, but they were also putting the hosting through another third party ‘Go Daddy’, who, incidentally, also had no backup or backup regime in place.
The reason for this, cheap hosting with no guarantees.
On the surface hosting may appear to be the same but under the bonnet, not all hosting is created equal.
In this scenario, the customer’s site had no chance of being returned to its former glory and would have been dead forever, not only that, the longer the site was down and re-directed to a malicious site, the harder it would be to recover from reputation damage.
So, what did we do?
First of all, we were able to take a copy of the site from some week’s previous, then we took that copy and installed it on a laptop that wasn’t connected to the internet.
Then we ran a malware scan on the site and isolated the cause of the infection, which we then removed.
We then set up a hosting account using our own hosting and set about migrating the site from Go Daddy to our server.
We installed some security software on the site, which, in conjunction with the security software on the server, offers a greater level of security overall and provides us with real-time alerts that notify us of any attempted security breaches and provides us with a daily report of any potential threats.
We also have in place a daily backup routine, which provides a full site backup, so, in the event that this happens again, we can be back up and running with a clean site sooner rather than later.
It’s a hard task to keep any website fully secure these days with so many hackers trying to find loopholes in broken plugins and old and out of date sites, but you can help yourself by checking if your host is providing the level of support you need to protect your site and get it back up and running with the minimum of fuss, should the worst happen.
If you take anything from this, let it be this > Not All Hosting is Created Equal > check your hosting and it’s resilience and don’t let this happen to you.
For the record…
• All 127 Media servers come with resilience built-in.
• We won’t put a site or server out there without a backup strategy in play from Day 1: it will (at least) be 5 rolling days, with 13 rolling monthly’s.
• …and the Return To Live won’t be 72 hours.
If you’d like to talk about hosting or have a website that’s been hacked and not sure what to do, please get in touch, email firstname.lastname@example.org or hit the speech bubble in the bottom right of your screen.
Stay Safe & Stay Well