Unfortunately, all too many times site owners do not prepare for their site to be hacked. If you’re using an open source CMS, your site will probably end up being hacked at some point, regardless of how many preventative measures you take. Here are a few tips on what to do to prepare for that eventuality, and what to do when it happens.
1. Have a plan.
Simply by reading this article, you’re one step ahead of everyone. You’ve admitted your site is likely to get hacked at some point. Next, you need to prepare a written plan. For starters, use the tips in this very article.
2. Backup your database.
If the damage the hacker does is fairly extensive, a recent backup means all you have to do is restore that backup. Done and done.
Now, how often you backup depends largely on how often your site is updated. The more often it’s updated, the more often you should backup. And remember, visitors commenting on posts or participating in a forum counts as the site being updated. So if there is a high level of community involvement in your site, you should backup daily.
3. Change your admin passwords.
Once the site is actually hacked, the very first thing you should do is change your password and the passwords of any other admins. Change their password to some random password. Then email all of them and tell them to contact you in order to set a new password.
4. Have someone help you look for hacked content.
If you’re lucky, very little was changed on your site. In cases like that, it’s sometimes easier to look through the site for the damage rather than restoring your backup. If that’s the situation you find yourself in, remember to have someone else help you look through the site. Two pairs of eyes are always better than one.
5. Revise your plan.
So you were hacked, and now you’ve fixed everything. While it’s fresh on your mind, review your written plan of action for the hacked site, and adjust accordingly.
Naturally, there will be additional steps you can often take that are specific to the CMS you’re using. So read up on it and see what they specifically recommend.