Recovering from a Hacked Website
Discovering your website has been hacked is alarming, but with clean backups and a clear process it is recoverable. The goal is to get back online safely without simply restoring the same vulnerability that let the attacker in.
This article outlines the steps we follow to recover a compromised site and stop it happening again.
The Recovery Steps
Order matters — rushing to restore before understanding the breach often just reinfects the site.
- Take the site offline or into maintenance mode.
- Identify how the attacker got in.
- Restore from a clean backup taken before the breach.
- Patch the vulnerability and change all credentials.
- Monitor closely after bringing it back online.
Why Versioned Backups Are Vital
If you only have last night's backup and the site was compromised a week ago, that backup is already infected. Versioned history lets us go back to a genuinely clean point.
Frequently Asked Questions
Should we just restore and move on?
No — without fixing the original weakness the site will simply be hacked again. Recovery and hardening go together.
Can you tell when the hack happened?
Usually, by examining logs and file changes, which helps us choose a backup from before the compromise.
If you need a hand with any of this, your Progressive Robot delivery team is ready to help. Raise a ticket from the Support area of your client portal or speak to your account manager and we will guide you through the next steps.