Instructions on what to do in case the website is hacked
- Disable the website.
- Contact us – send us basic information about the web (used technologies, versions, purpose) and the following data for forensic examination:
- website access logs and web server logs
- a complete copy of the website (if it is a separate virtual, then send a snapshot)
- the output of the Lift tool, which collects data for forensic analysis
- We will analyze the website and find out what caused the attack
- Based on the findings, we will recommend to you how to secure the website (update, restrict access, change the password, uninstall unnecessary plugins, etc.).
- After securing the website according to our recommendations, you can make it available again.
If the context requires it, then only a fundamental analysis can be performed, and the restoration of the website from backups can be allowed. Additional security measures will be applied subsequently, according to the results of a more detailed analysis.