Table of Contents[Hide][Show]
My website was hacked here’s the story
As a small business owner, and especially one who owns a boutique website design company, having your website hacked can be a terrifying and disorienting experience.
Through my own personal experience of completely losing my company website and all my rankings in Google, Bing, etc. for more than 2 years, I’ll share with you what led to the hacking, how it affected me, what steps I took to get back online safely and securely again – and what lessons I learned as a result that could help save your businesses from going through the same ordeal.
It’s going to be a long road back to number one, but I’ll get there – and I’ll try to document some of the process along the way.
A little backstory
As a web developer and serial entrepreneur, at any given time I have hosting at multiple providers and a graveyard of domain names waiting to be used.
Back in 2017 when I started CLK Media, one of the providers I had was a shared hosting account with Hostgator that I’d had for many years.
Since this was already paid for, I built my first website for the company on those servers and always intended to move it to a better managed cloud host once business began to pick up. So I did the initial setup and basically didn’t touch it much after that.
And for some time it worked great for me and I got a lot of work from it.
Long story short, months turned to years and my business website sat on that shared server never getting updated until June of 2021.
That is around the time I found “enough time” to pay attention to my neglected website and realized there was a huge problem.
How I discovered my website was hacked
Finally getting around to checking my website’s traffic and analytics one summer day, I noticed a significant spike in strange pages, unusual keywords, and links from unknown sources. Curious, and now slightly on edge, I dug deeper and quickly realized that my website was hacked.
Panic sets in…room starts spinning.
So I did a quick site search on Google with the search operator “site:clkmedia.co” which will show verify the pages Google has indexed and noticed 100’s pages that I didn’t create.
The image above shows some spam pages a few weeks after I started the disavow and deindex process with Google. So some had already been removed from the index.
This is a time-consuming process and not fun by the way.
What this means is that the attackers inserted spam page URLs and malicious links by creating 100’s and 100’s pages, linking to all manner of weird and random sites, causing an increase in traffic to my site from those suspicious sources.
These spammy pages being listed on my site meant that Google started associating it with those keywords and thus ranking it for random things like, “ankle holsters” and “funny koozies”. Not exactly what I’m going for.
My heart sank and I’m pretty sure I lost all the color in my face.
This is how I lost my page 1 Google Rankings
Now that my site had 100’s of pages that were not directly related to my primary topic, website design and branding, the relevance of all my other page’s authority got seriously diluted and completely fell off a cliff.
Where I used to rank in the top 3 positions for many of my best search terms, now those keywords sat on Google search pages that aren’t good for anything but hiding bodies.
Crickets.
This was a nightmare scenario.
And not only did it hurt my website’s reputation in search engines, but it also opened up the possibility of malware infections for my visitors.
There’s really no telling how long my site had been hacked, but I knew it was bad.
Keeping a close eye on my website was something I just didn’t have time for because I was running a fairly new business and I had plenty of other things keeping me busy.
Obviously, now in hindsight, I wish I would have made time.
This was my downfall, and it was a lesson that I won’t soon forget
Steps I took to begin my website recovery
First I started trying to understand the scope of the hack to see how much of the site was affected, and then looked for vulnerabilities that may have allowed hackers to gain access.
Next, I disavowed any spammy backlinks and pages, and updated all the software that could have contributed to the incident.
Finally, I needed to get my site off the blacklist…
I submitted a request for review from Google to ensure my website was free of any malicious content. These initial steps not only gave me peace of mind but it is the only way to get a site back once it’s blacklisted.
How I identified the source of the attack
When it comes to cyberattacks, identifying the source is crucial for preventing future incidents and this can prove to be difficult in most cases.
In this particularly complex case, since there were so many things wrong, I knew I needed to start by getting in touch with the hosting company.
It took numerous attempts, but eventually, I was able to get ahold of the right person and gain additional insight into the situation. While they were doing their thing, I combed through my website’s plugins, database, files, doing Google searches looking for known vulnerabilities, and honing in on any that hadn’t been supported in a while that may have created said vulnerability.
I was ultimately able to identify the source of the attack and began working to mitigate the damage.
And it wasn’t something I had considered or even done anything about.
I did have outdated software, but In this case that wasn’t the root cause…
It turned out that another site on the same cheap shared server had been hacked and this allowed them to gain access to my site and many others as well.
This is the main problem with low-end shared hosting – bad neighborhoods let bad actors run amok.
What I learned from the experience
How it could have been prevented
When I reflect on my experience of dealing with a compromised website, I’ve come to a new appreciation for how important it is to keep your software updated regularly, and when a website is mission-critical, use the best hosting you can.
I took my site for granted and just assumed it was fine.
It’s easy to hope everything is good and just let things be, but this can be a dangerous mistake.
Going forward, I’m going to take the same advice I give my clients…
I will make sure to stay on top of updates and check it regularly to ensure everything is running smoothly.
This new website is hosted on our managed cloud hosting environment with server-level firewall and security.
It’s a hard lesson to learn, and honestly a little embarrassing, but I hope my experience can serve as a cautionary tale for others to take website and security seriously.
Tips on how to protect your website from future attacks
At the risk of being repetitive, here are the measures you can take:
First, be sure to keep all your software and plugins up-to-date. Outdated software is often the cause of vulnerabilities that attackers can exploit – especially true with WordPress websites.
Use strong and unique passwords for all user accounts associated with your website, and enable two-factor authentication whenever possible. Never use the same password for your administrator accounts that you use for any other login anywhere.
Regularly creating full backups and restore points of your website can also be your one saving grace in case of an attack like this.
With any top-tier managed hosting provider these can be used to restore your website to a clean state like the attack never happened.
Finally, consider utilizing a web application firewall to monitor incoming traffic and block suspicious activity.
These simple measures will help to ensure that your website stays secure and protected from potential catastrophes.
- make sure you know how to identify risk indicators
- keep regular backups of website files and databases
- update your passwords routinely and use strong passwords (not your mother-in-law’s dog’s birthday)
- be aware of new security threats related to your tech stack (server, software, etc)
- setup your web domains for automatic renewal (so they don’t get hijacked)
- use additional protection layers such as web monitoring solutions and firewall software
- establish a reliable point of contact at your hosting provider
Rebuilding The Site
Restoring data and getting back online
Unfortunately, since the hosting I was using for my site didn’t provide daily backups so I had no viable option of going back to a point in time when my site wasn’t compromised.
Going through the process of restoring your data after a site crash or hack without backups can make you feel like giving up completely.
And so rebuilding the site from scratch was my best option.
I shut my site down to protect my domain, clean it up and wait for Google to give me a clean bill of health.
Many website owners who experience these types of setbacks ultimately have to rebuild their sites from the ground up.
The good news is that with the right tools and strategies, it is possible to restore your data and get back online without all the headaches.
The moral of the story:
The key to a healthy, thriving website is investing in ongoing maintenance. Whether with time or treasure, just stay proactive and never let those updates slide.
Conclusion
Websites and software are vulnerable no matter who you are
As business owners we have a lot on our plates every day and it’s so easy to put our websites on the back burner.
It is an essential activity for any business owner, especially those of us operating websites, to ensure that the most important online asset we own is secure and always working for us, and that we don’t allow it to become a liability.
I never expected my website to be hacked until it was too late – thankfully, I was able to catch the hack and take the necessary steps to recover from it (eventually).
Today, (July 13, 2023) marks 2 years and 1 month since i’ve had a fully functioning website.
Looking back at this experience, a few important lessons have become apparent:
- The absolute necessity of managed hosting
- Regularly maintaining and updating
- Making sure to have a complete, restorable backup of your site at all times
- And learning proper preventive measures in order to safeguard against future attacks
I hope what I learned can help your business protect its websites and significantly reduce the probability of evil-doers compromising your website like they did mine.
Want to ensure your site is safe?
We should talk.
Ready to Get Started?
Starting at just $349, you can get a custom website and managed online presence for your business plus incredible support from a real web pro that has your back.
Get Started Today