What to Do If Your Website Has Been Hacked
Finding out your website has been compromised is alarming, but it's important to act quickly and methodically. Here's what to do if you suspect or confirm your site has been hacked.
Step 1: Don't Panic - Take Stock
Signs of a hack include: unexpected redirects, defaced pages, spam content injected into your site, Google warnings, or your hosting account sending spam emails. Confirm the issue before taking action.
Step 2: Take Your Site Offline Temporarily
To prevent further damage and protect your visitors, put your site into maintenance mode or temporarily rename your index.php / index.html file while you clean up.
Step 3: Change All Passwords Immediately
- cPanel password
- FTP / SFTP account passwords
- Database passwords
- WordPress or CMS admin password
- Email account passwords
Step 4: Restore from a Clean Backup
dotCanada provides JetBackup through cPanel. Restore your site from a backup taken before the compromise occurred. Go to cPanel › JetBackup to browse and restore available backups.
Step 5: Scan and Clean
Even after restoring, scan your files using a security plugin (like Wordfence for WordPress) to catch any remaining malicious files. Remove any plugins, themes, or scripts you didn't install.
Step 6: Update Everything
Update your CMS, plugins, and themes to their latest versions. Outdated software is the most common cause of website hacks.
If you're unsure how to proceed or need help with cleanup, contact our support team right away.
100% Satisfaction Guarantee
We're so confident you'll love dotCanada that we offer a 30-day money-back guarantee. Not satisfied? Get a full refund, no questions asked.
Ready to Get Started?
Join thousands of Canadian website owners who trust dotCanada for reliable, fast web hosting.
Get Started Today