A couple months back I was approached by a new client who had a site that was suddenly redirecting to a porn site - only when viewed by a mobile device. Further investigating, I found that the site was indeed hacked and whoever did it was taking full advantage of the site. On top the spam redirect, the site was sending out massive amounts of spam resulting in their email service being blacklisted.
Why Did They Hack My Site?
A majority of the time a site isn't compromised because of the business itself but rather as an opportunity to perform further nefarious activity. The reasons behind their intent can be numerous but the 2 main factors are:
Since Google has taken very good control of spammy sites returning in totally unrelated results, the people running them have taken to drastic measures to get visitors. A hacked sites gives them a way to redirect traffic to their site - whether or not the visitor wants to visit it. They also use the sites as a way to send out spam email. Newsletter services won't allow for this type of activity so hackers use a compromised site as a way to get out their "good word" to the masses
Attacking Other Sites
In recent years the news has headlined stories of the sites of U.S. banks being attacked and this was accomplished by a network of hacked sites/servers sending massive amounts of traffic to the banks sites.
In an attempt to gain access to your visitors computers or steal their identity hackers will add malware code to your site.
So what are the tell tell signs that your site has been hacked?
1. Site Running Slow
If you suddenly find your site is running slower than usual, a full review along including checks if the site has been hacked. Especially if the site has been optimized for performance and suddenly is running noticeably slower.
A hacked server that is sending out massive amounts of spam or attacking other sites will run into severe performance issues.
2. Sudden Loss of Visitors
If the search engines start recognizing your site as spammy, they will reduce your relevancy rankings on anything you were ranked for or completely disavow you from searches all together.
3. Google Red Screen of Death
A glaring tell-tale sign is when visiting your site an ugly screen alerting to malware is displayed instead. In an attempt to compromise visitors computers, hackers will use your site to inject malware into their browsers/machines.
If this happens, additional steps of having your site removed from the malware blocks will need to be performed after restoring your site to a secure working state.
4. Black Listed Email/Email Being Sent to Spam
One of the many all-in-one-server pitfalls of having your companies email service and website on the same server is that if your hacked site is sending out spam, your email addresses could be flagged as spam and black listed as well.
As with the malware blocks, additional steps to have your mail service removed once your site is restored is required as well.
5. Strange Links on Site
Sometimes this isn't as noticeable as other signs. Someone who has hacked your site will add links or even worse - replace existing links to their site. An attempt to build "link juice" and send unsuspecting visitors to their site, they'll load a compromised site with links going to their site.
These links can have risks for the visitors as well with the possibility of being sent to a site that tries to steal personal data or infect their machines with malware.
Regular site checks and reviewing site analytics can identify if site visitors are being sent away from your page.
6. Site Redirects to Another Site
As with my clients site, a good sign your site has been hacked is if your site is suddenly being redirected to another site. This is commonly performed by adding redirects to the .htaccess file or adding meta tags within the sites web pages.
Thorough review of the .htaccess files and files in the website are required to make sure they this compromise was not place in multiple files.
Avoiding These Situations
When a site is hacked there's a good chance that the hacker has not only taken advantage of one or more of these activities but also left additional back doors in place to gain access again.
Though a site can't completely be protected from hacking, taking the proper measures to avoid these situations goes a long way. Regular updates and maintenance not only helps keep your site secure but also makes sure it is performing great as well
- Keep Wordpress Up To date
- Keep Plugins Up To Date
- Keep Wordpress Up To Date
- Keep Server Up To Date
- Keep Wordpress Up To Date
- Monitor site and server analytics for abnormalities
We can't say it enough but regular maintenance should be a high priority for any company with an internet presence.
Have a hacked site and not sure where to get started? Contact Digital Redefined today for a free consultation!