Getting Hacked: What to Know and How to Recover

cyber-defences-security

If you stop by here frequently, you probably noticed that I had a bit of downtime recently. Unfortunately, my site was hacked again, but I’m happy to report that everything is back up and running – no data lost and no personal information compromised.

I wish I could say that this was the first time somebody messed with my site, but what I’ve come to learn is that getting hacked is part of the price of admission for running on WordPress.

Don’t get me wrong – I love WordPress. The fact that it’s open source and widely adopted means tons of great templates, plugins and add-ons, many of which I use to power this blog. But those same pros turn into cons when you take into consideration the fact that hackers have the same amount of access as you do.

Dealing with the potential for WordPress hacks requires two things – being able to recognize the signs that you’ve been hacked, and knowing how to clean up the mess while simultaneously protecting your site for the future.

Recognize that You’ve Been Hacked

Obviously, the first step to recovering from a hack is to recognize that it’s occurred – but that’s surprisingly easier said than done.

It’s in the hacker’s best interest to mess with your code in such a way that you don’t notice. After all, if you catch wind of what’s going on, you’ll take steps to fix it – and that doesn’t serve the hacker’s goals (which might be everything from neutralizing your site as a competitive threat to adding spam links for the purpose of generating link juice).

After my site was hacked the first time, I installed a program called Sucuri which monitors my code for hacking attempts and helps in the recovery process whenever something happens. I really can’t recommend these guys enough – they’re fast, they’re extremely affordable and they’ll save you tons of time should a hack occurs. If you have a site on WordPress, you need to set up their service ASAP.

If you don’t have a monitoring system in place, you need to be more proactive about watching for website hacking attempts. The signs may be subtle, but keep an eye out for any of the following changes:

Your website crashes

Usually, the hacker’s goal isn’t to crash your website, but it does happen from time to time. Typically, this will occur if the hacker’s added so much bad code to your website that it slows down to a crawl or crashes entirely, or if the bad code that’s been added conflicts with a plugin or theme on your site.

You might also run into this issue if your hackers have, unbeknownst to you, added your site to a network of websites that’s used to redirect email traffic. If detected, your ISP may shut down your website in accordance with their terms of service.

If your site usually gets a lot of traffic, you’ll either notice this hack yourself or hear about it from one of your followers. Your first clue might also be a cursory check of your site’s analytics dashboard, which will show your traffic numbers down – or nonexistent.

Your traffic slows

Having a slowed down or crashed site will definitely result in a loss of traffic, but it’s not the only possibility that can lead to this outcome.

Some hackers will commandeer your site and use it to reroute your traffic to another page, causing a drop in your reported visitor counts. Others will leave visible evidence of their hacks on your pages, which will affect your bounce rate as visitors arrive on your site and then leave after seeing something suspicious.

You may even find that, if Google has blacklisted your site due to the presence of malware or other bad code, your traffic drops off because potential visitors will see a warning message when clicking on your site in the search engine results pages (SERPs). Since most people are naturally afraid of things like online identity theft, the odds that they’ll click through – even if they know your site is legit – are pretty slim.

You see bad content on your site

Logging on to your pages and seeing the visible evidence of a hack is both scary and frustrating, but you can at least take comfort in the fact that you’ve been alerted to the intrusion. Some website owners can go months, or even years, without detecting a site hack, putting their reputations at risk as long as their code is infected.

With most visible hacks, you’ll see strange looking code in a couple of predictable places, including:

  • Your site’s footer
  • Your comments section
  • Your images (which tend to be replaced with much less savory, much more inappropriate alternatives)

That said, not all hacks affecting areas like your site’s footer are going to be visible. It’s possible for hackers to insert code into your site that Google will see, but you and your visitors won’t. Even if they aren’t visible, these additions can slow down your site or result in a blacklisting penalty.

Your email messages start to bounce back

If the hackers taking advantage of your site are very good and very determined, you might not see any evidence of a hack until the email messages you send out start bouncing back to you. Here’s how this typically plays out:

  1. Hackers crack your site’s code and install scripts and programs that automatically send out thousands of spam email messages from your site’s IP address.
  2. Recipients receive these messages and report them as spam within their inboxes.
  3. As the number of spam complaints your IP address or domain receives adds up, your site is added to the block lists run by sites like SpamHaus and Barracuda Central.

If this occurs, there’s a good chance your email marketing service provider will limit your ability to send messages – or eliminate your account altogether. Not only is that a huge deal for any business that relies on email marketing for sales and return website visitors, it can take tons of time and lots of back and forth to get your account placed back in good standing with your provider.

Your bandwidth usage shoots up

Most US webmasters don’t pay much attention to their bandwidth usage, as nearly all website hosting plans these days come with unlimited access. But if you’re in a country that charges a premium for going above your preset bandwidth limit – or if you just happen to keep an eye on this metric out of curiosity – you might notice it increase dramatically as the result of a hack.

There are a few different factors that can lead to a spike in bandwidth usage following a hack:

  • Your site has been added to a network, either for the purposes of redirecting link juice or driving bogus traffic.
  • Your domain is being used to send spam emails, resulting in extra bandwidth usage in terms of outgoing mail and in clicks from curious recipients.
  • Hackers have uploaded large files to your website, slowing down your load times for your visitors and resulting in a bigger bandwidth usage for you.

Not all reasons for bandwidth spikes are negative; they could occur as the result of well-executed marketing campaigns or successful PR pushes generating higher than average levels of traffic. By and large, though, this is a sign that should provoke immediate suspicion if you see it pop up on your analytics reports.

Recovering from a Hack

quiz-cleaning-orig

Say that, unfortunately, you’ve detected one of these symptoms and confirmed that yes – indeed – a hack has taken place. It’s a sick feeling, for sure, to know that your site’s security has been compromised, but you can’t let that stop you from taking immediate action.

Here’s how to handle your hack:

Begin repairing the damage

Acting quickly is incredibly important when it comes to recovering from a hack. If you’re lucky, and you detect the hack before things get too bad (as in, before your reputation is irreparably tarnished and your site is permanently blacklisted), you’ve got two choices. You can either fix it yourself, or you can call in the professionals.

If you’re truly tech savvy and have expert-level coding skills, by all means – take a crack at repairing your site on your own. Don’t be too over-confident, though. Hackers do what they do for a reason, and there’s a good chance that if they were able to slip into your site undetected, you’ll either miss a necessary part of the clean-up process or inadvertently make the situation on your site worse.

Nearly all webmasters running WordPress sites are going to be better served by turning to security experts to assist in the repair process. As I mentioned before, Sucuri are my go-to guys, but posting a notice to sites like Guru or Elance should help you turn up a talented web developer or recovery specialist as well. Be sure to check each candidate’s credentials thoroughly before hiring, though, as an unskilled coder could leave you with a bigger mess than you began with.

Notify your followers

Next, it’s time to own up to what’s happened on your site. You know what’s embarrassing? Having to admit to your customers that a hack has occurred. But you know what’s even worse? Having them speculate on why your site is down or worry that those strange code snippets they saw mean their own private information has been compromised.

Notifying your followers is especially important if there’s even the smallest possible chance that any of their information you had stored on their site was accessed or stolen. In this case, it’s best to be direct. Outline what has happened, what types of information may have been compromised, what followers should do next (for example, order new credit cards or request a free copy of their credit reports) and what steps you’re taking to make things right in the future. Offer your sincerest apologies for any inconvenience your hack – even if it isn’t really your fault.

Since your site is likely still down for repairs, you’ll want to disseminate this information through other channels. Social profiles are a great first place to start, but sending an email (if your domain hasn’t been blocked by your provider) or putting out a press release may also be appropriate, depending on the scale of your hack and the size of your audience.

Lock your site down for the future

Finally, if you’ve gone through the hack process once, you’ve probably already guessed that one of your top priorities should be reducing your risk that this type of attack will ever happen again. And if you haven’t gone through a hack yet, trust me on this – an ounce of WordPress preventative security measures is worth a pound of site repair cure!

If you’re running WordPress, there are a number of steps you’ll want to take to help remedy the weaknesses that come along with an open source system:

  • Pick a strong password. This should go without saying, but even the greenest of hackers can find a WordPress site’s login page by typing in the URL and adding “/wp-admin/” to the end. So while you might think this private page is for your eyes only, it isn’t – and if your user name isn’t matched with a secure password, you’ve made it easy for troublemakers to break into your database and make changes.
  • Get rid of your admin user account. On a similar note, hackers know that WordPress comes with the default username labeled “Admin.” If you haven’t changed it, you’re essentially handing hackers the first half of your login credentials.
  • Update your WordPress, plugin and theme editions. As soon as a new version of WordPress (or any of its popular plugins or themes) is released, hackers get to work figuring out what loopholes the update has introduced. Once they’ve identified these issues, exploiting them is as simple as seeking out installations using these dated versions. While it won’t deter every attack, keeping your site and its add-ons up-to-date makes you more than just a sitting duck.
  • Change your default “wp_” prefixes. The basic WordPress installation creates a database whose files are all appended with the “wp_” prefix. As in the case of the admin user, knowing this standard file structure makes it easier for hackers to find and access your files. Change them using this tutorial here or by installing the WP Security Scan plugin.

Next up, consider installing all of the following security plugins to help address weaknesses and loopholes that the changes above won’t protect:

  • WP DB Backup. Restoring your website after a hack is a lot easier if you have a clean copy of your database to work off of. The free WP DB Backup plugin (or, alternatively, the WP-DB Manager add-on) maintains this copy for you and automatically update it as the information on your site changes.
  • WP Security Scan. One of the first places hackers enter your website is through files that have been set with inappropriate permissions levels. The WP Security Scan plugin protects you from this risk by cataloguing your different files and file permission levels, as well as notifying you when permissions should be changed to minimize the risk of an attack.
  • WP Login Security 2. One way hackers enter your site is with brute force attacks on your WP-Admin page. A plugin like WP Login Security 2 circumvents these hacks by requiring users from unknown IP addresses to verify their identities via email message. Plugins that make the process even more secure (like Semisecure Login Reimagined and Login Security Solution) exist, but I find that this particular option offers a nice balance of security and low administrative hassle. Login Lockdown and Limit Login Attempts are two other another popular choices that take the simpler approach of locking down potential hackers after a certain number of failed login attempts.
  • WordPress Firewall 2. Just like your home computer needs a firewall to keep sensitive files safe, your WordPress blog can benefit from a plugin like WordPress Firewall 2. This add-on (and others like it) keeps an eye on the traffic coming to your site to be sure nobody tries to access your code or inject malware snippets into your site.
  • WordPress File Monitor Plus. On the off chance that a hacker makes it past your site’s firewall, a monitoring plugin like WordPress File Monitor Plus or WordFence will notify you whenever changes are made to the files on your site. If they’re your changes, that’s fine – you can disregard the system’s messages. But if you aren’t the one responsible for the tweaks, you’ve got an advanced warning that a hack has occurred, allowing you to resolve the situation before any truly bad outcomes take place.

If you’re a Sucuri subscriber, you can use their WordPress plugin to handle many of these needs, including a site firewall and malware scanning feature. There are also plenty of different paid WordPress security plugin options, such as VaultPress and WordFence Premium that many of these different needs from within a single system.

WordPress security may sound complicated, but it’s something you can’t afford to ignore. Maybe you’ll be one of the lucky ones who’s never targeted, but as with so many things in life, it’s better to be prepared for the possibility than to find yourself scrambling to repair the damage from a hack you could have prevented. Adopting the tips above won’t guarantee your site will never be hacked, but it’ll make the process much easier to deal with, should the worst occur.

Has your site ever been hacked? Share how you dealt with it by leaving a comment below!

 

19 Growth Hacking Resources You Won’t Want to Miss

If you’ve read my past post on growth hacking, you know that my first rule of growth hacking is that you don’t talk about growth hacking – you go out there and get the shit done.

The resources below have all found a balance between these two pursuits. They’ve taken action, seen results, and now they’re sharing their insights with the following 19 resources you won’t want to miss: Continue reading “19 Growth Hacking Resources You Won’t Want to Miss”

How to Build a Marketing Strategy that Guarantees Conversions

handshake

Let’s get one thing straight right now… If you’ve got a piece of shit product that you’re trying to sell to the wrong people, for the wrong amount of money, I can’t help you.

Instead, what I’m offering in this article is a process you can use that – when applied correctly – virtually guarantees conversions from your digital marketing efforts. If you’re ready to put in the effort, there’s no reason you can’t use this approach to make money selling products and services online.

Ready to dive in? Let’s get started…

Step #1 – Establish product-market fit

Plenty of marketers out there think that making sales online comes down to the tools you use – as if adding the right landing page creation tool or a new pop-under banner program is the secret to profitability that will somehow make up for a weak product-market fit.

Unfortunately, it isn’t the mechanics of your site that lead to sales. Although image matters, when it comes down to it, sales result from matching up a market segment with a problem to a product that solves their issues and that they can acquire without too much pain. Old school marketers call this “product-market fit,” and it’s a vital component to have in place before you begin your content marketing campaigns. Continue reading “How to Build a Marketing Strategy that Guarantees Conversions”

13 Must-Read Resources for SaaS Marketers

saas marketing

According to prominent venture capitalist Marc Andreessen, software is “eating the world.” There’s never been a better time to be involved with a software-as-a-service (SaaS) company, but the growth of this industry segment means that competition among providers has never been higher.

Here’s what you need to know to help set your SaaS product apart from the crowd: Continue reading “13 Must-Read Resources for SaaS Marketers”

How to Audit Your Content Marketing Strategy

content audit

Looking for a wild way to spend your evenings, or a fascinating project to really dig your teeth into at work?

Well… conducting a content audit isn’t it.

Auditing your website’s marketing content isn’t a glamorous activity, but it’s an absolutely critical part of getting the most out of your content marketing campaigns. A content audit will tell you what’s working for you, what isn’t, and where your opportunities lie to further leverage the content you’ve already created.

It’s a worthwhile activity, if not necessarily an exciting one.

Step #1 – Identify Your Campaign Goals

Now, before we get into the meat of the content campaign auditing process, there’s one preliminary step you need to take that will determine how you approach the following actions. You need to start by figuring out what the goal of your audit is.

There’s no “one size fits all” approach to content auditing, so the specific steps you take and the level of complexity you invest in each of them will depend on what you’re hoping to get out of your audit. Any of the following could be potential goals:

  • Determine what types of content to create next. Analyzing the past performance of your current content according to the metrics you choose will give you plenty of ideas for filling out your content calendar.
  • See where your competitors are beating you. If you’re lagging behind your competitors in content performance, comparing your existing content to theirs should give you ideas on where you can improve.
  • Justify your expenses to your boss. If your manager isn’t convinced that content marketing is paying off relative to its investment, auditing your content is the only way to show how your efforts have performed.
  • Figure out where to begin a paid content marketing campaign. In my opinion, native advertising is a tool that all marketers must get comfortable with in order to counteract the tremendous amount of noise online. But before you undertake any kind of paid campaigns, you need to know which of your current content pieces are performing best to determine where your dollars will be better spent.
  • Plan for a website redesign. If you’re changing things up on your website, listing your current content will show you where you need to setup URL redirects, as well as give you ideas about the past content pieces you might want to display more prominently on your new site.
  • Evaluate your guest author efforts. If your site uses multiple guest authors (free or paid), measuring the success of their work relative to each other will show you who to work with in the future and who to let go.

Continue reading “How to Audit Your Content Marketing Strategy”

13 Resources to Answer All Your Social Media Questions

Social media marketing seems like it should be intuitive, but anybody who’s ever run a campaign knows that this seemingly-simple technique becomes much more complex in execution.

Whether you’re new to social media or have been connecting with followers online for some time, you’re bound to have questions about how to make your campaigns as effective as possible – and you’ll find the answers in the links below: Continue reading “13 Resources to Answer All Your Social Media Questions”

17 Killer SEO Resources

seo 2015

I wrote recently that I see major changes in store for SEO in 2015, as this once-independent technique gets rolled into other online marketing strategies in response to search engine changes and the way brands must fight to stay alive in this increasingly-competitive digital landscape.

So what should you do to prepare for SEO this year?  Take a look at the following tutorials to get up-to-speed! Continue reading “17 Killer SEO Resources”

7 Tools to Help You Take Your Email Marketing to The Next Level

It’s 2015 and it’s clear that email marketing still works. In fact, in 2014, email marketing was ranked the best marketing channel for return on investment (https://econsultancy.com/reports/email-census).

Unfortunately to many businesses, email marketing still looks like this:

  1. Collect emails, usually from a blog.
  2. Send newsletters with new blog posts.
  3. Hope that newsletter subscribers become customers. 

But this is just the tip of the email marketing iceberg.

To get bigger returns from your email marketing, you need to take things to the next level. So we’ve put together a list of seven tools to help you get more from your email marketing campaigns.

  1. Autosend – Wouldn’t it be great if you could read your customers’ minds to find out what they want? Unfortunately you can’t, but Autosend comes pretty close. Autosend helps you send automated emails and SMS messages to your customers based on what they do (or don’t do) on your website. For instance, anytime a customer doesn’t complete a purchase or looks at your FAQ page longer than the average customer, Autosend tracks this and sends a personalized email or text message to help before they ask.

Continue reading “7 Tools to Help You Take Your Email Marketing to The Next Level”

16 Killer Content Marketing Resources All Entrepreneurs Need

bg_15

Content marketing is here to stay, so if you’re working on your 2015 game plan, make sure to include the following articles in your “must read” list.  Whether you’re looking for ways to stretch a single blog post topic into a meaty five-piece series or you’re wondering when to publish your posts for maximum effect, you’ll find answers to these questions and more in these 16 killer content marketing resources: Continue reading “16 Killer Content Marketing Resources All Entrepreneurs Need”

50 Promotion Tactics To Include In Your Content Marketing Strategy

content promotion

You’ve slaved away over your site’s content marketing pieces – don’t let that effort go to waste by failing to give your creations the promotional bump they need to get found!

Promoting your content isn’t nearly as fun as creating it, but it’s a vital part of content marketing success.  And since there’s no “one size fits all” promotional approach that will suit all businesses, I’ve compiled 50 expert tips on different strategies you can use to get your content seen.  Read on for suggestions from some of today’s top marketing experts, as well as techniques drawn from my own experience in digital advertising: Continue reading “50 Promotion Tactics To Include In Your Content Marketing Strategy”