Hacking is regularly performed by automated scripts written to scrub the Internet in an attempt to exploit known website security issues in software. Here are our top 5 solutions to help keep your hacked php website safe online.
Solution 1 :
Most Probably, the issue is with the access permissions you might have granted to the files.
Go to your web hosting server, and check what permissions you have set for the files. There will be a number that represents the permission level.
Here the first digit of the number represents admin access rights, second digit represents group of users, and third digit represents anyone in the world. The 2nd and 3rd digit shouldn’t be above 4.
777 means anybody in the world access/modify the files.
Usually you’d reserve the write & execute features to user only. 644 is entirely secure.
Solution 2 :
I would recommend to check your website for any viruses, just in case if the attacker left any backdoor. If you’ve got a backup of your website then apply that but remember that the previous version will contain the vulnerability that may permit anyone else to take over your site again.
At the same time, simply change the index file of your server (most likely index.php) to something like under maintenance. Then get your old script backup and scan it and restore your website. In case you don’t have a backup then also scan your current files and check if any indirect access is available.
Solution 3 :
Most likely, this might had happened because of SQL injection. PHP has a special function like “mysql_real_escape_string” to avoid SQL injection. You should make sure to validate every database query through this.
Also /administrator is the most evident place for administrator dashboard, don’t utilize that for facilitating your administrator dashboard.
If your website got hacked, then first try to back up the data. Change all administrator credentials, then check for any trace of backdoors and remove them.
Solution 4 :
Here are the instructions what you should do if your website got hacked
- Restore the website as soon as possible from a previous taken backup of the content.
- Next, Analyse the data when the website was hacked. Study and analyze the recent changes in database, log files, content and also check the file access records. The entire procedure is to discover the way the hacker utilizedso that further similar attacks can be avoided.
- You need to find out whether it was a DOS based attack, whether it affected other sites on the same server or the hacker exploited bad security in code.
- After gaining some insight, you have to change your system to stop additional attacks. That might include changing some code that provided unwanted access, standard attacks like CSRF, XSS, SQL injection.
- If you find the hacker left any suspicious file, Inform to your service provider (hosting).
Solution 5 :
Script kiddies now-a-days utilize instant scripts that are coded in php. These scripts are known as shells.These shells might be utilized by these kiddies for symlinking with your website content. You have to detect these shells and get it removed.
They may have uploaded it using cpanel of your website. That means your admin panel may have some vulnerability which gives unauthorized access or your website may be vulnerable to other attacks like XSS.
Also they have made changes to your index.php, replace this with your code( backup ) and get that shell deleted from server.