How to Recognise a Hacked Website and How to Prevent the Incident?
Some ways that may indicate that your website has been hacked:
- Weird content changes
Some hackers do vandalism by making changes to existing content with a certain purpose. The other hackers selfishly showing their existence or change it with racist content, etc. If your website is an information service website, then this will be very dangerous because it can reduce the credibility of your website.
- Website performance decreased drastically
Hacking activities can decrease the performance of a website, some activities such as SQL injection, virus installation, and phishing able cause the website to become heavy so that performance will also decrease. Slow websites are not uncommon, so it is necessary to carry out investigations if this happens.
- There are suspicious activities
An unidentified account that suddenly logs into your website can be marked as suspicious activities. An unknown IP address that tries to hit a page on your website continuously, can be classified as suspicious activity as well.
- Website destruction
Hackers often destruct the website from the 'backdoor'. Destructing the codes from within can direct to the elimination of intended content or making the website error or even inaccessible.
What to do if your website is really hacked?
- Close access to the website
This activity means closing the possibility of subsequent hacking while you carry out investigations. If the hacking carried out results in drastic changes to existing content, you need time to clean up your website to reduce user anxiety.
- Investigate important files
In addition to temporarily closing the website, you also need to check the important files on your website to make sure everything is safe. Note: This will be difficult to do if hackers consistently improve their ways to hide their code in those files. Making it more difficult for you to find the implanted codes.
- Use a monitoring service that is able to recognize site changes
Using a digital service that can detect any changes is very important to anticipate hacking as quickly as possible. It will notify you when there are changes to your website.
However, having a monitoring service can help you to speed up your movement in finding those unusual changes. SentryPage has a trained engine with thousands of hacked websites to detect changes to websites and identify those changes.
We understand that receiving hundreds or even thousands of alerts in 1 day is very difficult for us. Therefore, SentryPage helps us to classify these alerts into 2 parts, namely, alerts that have a hacker's signature or just content changes with the Attack Signature engine owned by SentryPage.