We’ve been hired to help a few customers recover after having their site hacked. There are a number of problems that hackers can cause you, and in this post a I’d like to share a particularly gruesome consequence and how we resolved it.
This customer was hit pretty hard by his situation because a good portion of his sales were generated from his website. He counted on his site, but it was in bad shape.
The messy situation when he reached out to us
I’ll give you a simple breakdown of the mess our customer was facing from getting hacked:
- The design was broken and he couldn’t log in to his content management system.
- His newest backup was months old.
- He recovered an old backup, causing him to lose a lot of content about his products.
It gets worse:
- The hackers installed some kind of malware.
- As a result Google evaluated the site, itself, as dangerous malware!
Because Google flagged his site as harmful malware, every time someone found it in a Google search, they were met with a red warning message along the lines of “This site is deceptive and may harm your computer.”
As I said, a lot of his business comes from people finding him on Google. Unfortunately, we had no traffic data from before working with him — but just imagine searching for something on Google and finding that message.
Would you click that link?
Cleaning up the mess
1. Got a new server
Normally I wouldn’t recommend changing servers, but I’ve heard stories about malware that just keeps coming back over-and-over, no matter how many times you try to delete it.
And since this customer relies so heavily on his website, we thought it would be best to start fresh on a new server to completely avoid that risk.
2. Installed a placeholder
We set up the server and designed a rough placeholder that resembled his old site. Then we copied over the main content.
3. Fixed Google’s malware status
Here’s the good part. Having successfully installed the site on a fresh new server, we set our sights on remedying the awful malware warning Google was attaching to his site.
The next step was to submit the site to Google for review. If everything worked out, Google would restore its status as a healthy site, and then remove the warnings.
I was glad that we moved to a new server. Not only does the review take a few days to complete, but on top of that — you can only request one review every 30 days. If the review failed, that’s 30 days of business down the drain.
Finishing up
I was quite relieved when the review was quickly approved, and the malware warnings were cleaned up.
With a safe, secure, updated WordPress installation, we were free to take our time and give the client a modern redesign.
