Focus on hacking (1): What to do if your website has been hacked?

Focus on hacking (1): What to do if your website has been hacked?

“Help, my website has been hacked!” This is an unpleasant and serious scenario. But there’s no need to panic. Hostpoint explains what to do if your website is hacked. We also provide tips on what precautions website operators should take to heart.

Martin Schlatter Martin Schlatter · Abuse Desk Specialist

If you discover that your own website has been hacked, it initially comes as a shock for many of those affected, understandably. In order to minimize the damage to you and any consequential damage to third parties, there are a number of measures that affected website operators should take as soon as possible. Here is a summary of the most important actions Hostpoint recommends taking immediately:

What to do right away

Even if your website has been hacked, your hands are in no way tied. There are a few steps you can take right away. (Source: iStock)

Other steps to remember

Once these immediate measures have been taken, the affected website operators can also take care of cleaning up the infected data or restoring the website. Here, too, Hostpoint recommends taking several specific measures:

What is Hostpoint doing to protect me and my website?

Hostpoint attaches great importance to the security of its own infrastructure and the websites of its customers. That’s why we use a range of security measures and systems to effectively protect our customers.

We maintain our own top-quality, high-performance web hosting infrastructure that meets the highest security standards. Year after year, Hostpoint invests millions in maintaining and expanding its infrastructure while also continuing to develop its server software. In addition, Hostpoint’s infrastructure has protections in place to guard against DDoS attacks and certain protective mechanisms to automatically detect and, if possible, defend against attacks.

Customer data is backed up several times a day (going back up to 180 days depending on the product). Hostpoint also takes hourly snapshots of the last 24 hours. All data is stored at a high-grade data center certified for banking and operated by Interxion in Switzerland.

Regular maintenance and updates are key

Nevertheless, it is mainly the responsibility of the website operator or customers themselves to protect against hacking. Those who fail to regularly install the necessary and available security for their websites will be at greater risk. We have put together a few practical rules and recommended actions that every website operator should take to heart:

There are other precautions as well, such as using computers and web browsers that are regularly updated, current anti-virus software and firewalls, website and file system monitoring and encrypted data transmission via SFTP.

You can update CMS versions in the Hostpoint Control Panel with just a few clicks. For optimal protection, the plug-ins and themes used should also be updated regularly.

You can find more helpful information in our Support Center and on the websites of the National Cyber Security Centre (NCSC), the Swiss Crime Prevention organization (SKP) or visit the Swiss Internet Security Alliance (iBarry) for more helpful tips on preventing cyberattacks.

You can report hacking incidents via the NCSC by going to the following web address:

Security precautions are no guarantee for security

Unfortunately, there is no such thing as complete protection against hacking attacks. With what are known as zero-day exploits, hackers ruthlessly exploit vulnerabilities as soon as they are discovered. If, for example, a security vulnerability crops up in a plug-in used on your website, it is unfortunately possible that hackers will exploit this vulnerability before the developers responsible for the software even become aware of it. Nevertheless, the precautions described above (particularly regular updates) are the best way to minimize the likelihood of a hacking attack.

If you want to bother with the issue of security as little as possible, you can assign this task to a webmaster or a digital agency, for example. Or you can opt for Software-as-a-Service (SaaS) solutions like Hostpoint’s Sites and Webshop products. For products like these, the web hosting provider – in this case Hostpoint – manages security and maintenance tasks, such as monitoring and installing updates.

Visualization of an email inbox in a laptop screen with Cloud Office icon. Visualization of an email inbox in a laptop screen with Cloud Office icon.

An e-mail address with your own domain

Discover the new e-mail packages with Cloud Office from Hostpoint. The domain of your choice for your email addresses, generous mailbox and Drive storage, various Office tools and much more.