{"id":1506,"date":"2019-02-08T10:35:58","date_gmt":"2019-02-08T10:35:58","guid":{"rendered":"https:\/\/blog.hostinger.io\/support\/2019\/02\/08\/1583390-what-to-do-if-your-account-or-site-has-been-hacked-at-hostinger\/"},"modified":"2026-03-16T12:12:17","modified_gmt":"2026-03-16T12:12:17","slug":"1583390-what-to-do-if-your-account-or-site-has-been-hacked-at-hostinger","status":"publish","type":"post","link":"https:\/\/www.hostinger.com\/support\/1583390-what-to-do-if-your-account-or-site-has-been-hacked-at-hostinger\/","title":{"rendered":"What to Do if Your Account or Site Has Been Hacked at Hostinger"},"content":{"rendered":"<p class=\"no-margin\">Although there are many potential vulnerabilities that can be exploited by hackers, one thing that you do not need to worry about is <b>server security<\/b>. Our servers have <b>advanced security modules<\/b> that assure the best possible protection, such as mod_security, Suhosin PHP hardening, PHP open_basedir protection, and others. Check <b><a href=\"\/support\/1583287-what-security-measures-does-hostinger-use\" target=\"_blank\" class=\"intercom-content-link\">What Security Measures Does Hostinger Use?<\/a> <\/b>for more information. <\/p><p class=\"no-margin\">\n<\/p><p class=\"no-margin\">We also have an automatic <b><a href=\"\/support\/6197555-what-is-malware-scanner\" target=\"_blank\" class=\"intercom-content-link\">Malware Scanner<\/a><\/b> that will help identify and remove malicious files on your hosting plan. <\/p><p class=\"no-margin\">\n<\/p><p class=\"no-margin\">If you suspect that your account or website was hacked, check the article below for the possible reasons, actions you can take, and how to prevent it.<\/p><hr><h2 id=\"why-did-it-happen\">Why Did It Happen?<\/h2><p class=\"no-margin\">The most common reasons are: <\/p><ul>\n<li>\n<p class=\"no-margin\"><b>Outdated web applications<\/b> &ndash; Using older versions of your CMS (WordPress, PrestaShop, Joomla, etc.)<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><b>Outdated or nulled extensions<\/b> &ndash; Third-party extensions such as plugins, modules, or themes can be vulnerable if outdated. Also, be aware of paid extensions offered for free on unofficial sites, as they may have been modified to include malware<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><b>Weak, exposed, or breached passwords<\/b> &ndash; Using passwords that are easy to guess, repeating the same password across different services, or using passwords that were publicly posted (for example, if you have it written down on a sticky note at your desk)<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><b>Infected local computer <\/b>&ndash; Some computer viruses can steal your login information and use it to add malicious code to your web files<\/p>\n<\/li>\n<\/ul><hr><h2 id=\"what-to-do-if-a-profile-or-site-is-hacked\">What to Do if a Profile or Site Is Hacked?<\/h2><p class=\"no-margin\">There are a few things to look for that can indicate a potential hack:<\/p><ul>\n<li>\n<p class=\"no-margin\"><b>Changes on your hosting plan or files<\/b> that were not made by you or someone you have authorized, such as a developer managing your website<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><b>Unrecognized accesses<\/b> registered in the Login History of your <b><a href=\"\/support\/5863678-how-to-check-my-hostinger-account-s-login-history\" target=\"_blank\" class=\"intercom-content-link\">Account Activity<\/a><\/b><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">An <b>unexpected increase<\/b> in your hosting&rsquo;s <b><a href=\"\/support\/2436138-where-to-find-usage-statistics-of-my-website\" target=\"_blank\" class=\"intercom-content-link\">resource usage<\/a><\/b><\/p>\n<\/li>\n<\/ul><p class=\"no-margin\">\n<\/p><p class=\"no-margin\">If you notice these or other unusual changes, the recommended actions are:<\/p><ol>\n<li>\n<p class=\"no-margin\">Checking your <b>devices <\/b>for any <b>viruses and malware <\/b>(you can use <b><a href=\"https:\/\/www.malwarebytes.com\/\" target=\"_blank\" class=\"intercom-content-link\" rel=\"noopener\">Malwarebyte<\/a><\/b>s for this)<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Checking your <b>browser<\/b> for any suspicious <b>extensions<\/b><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Changing the <b>passwords<\/b> for all of your accounts associated with the site: devices, <b><a href=\"\/support\/1583493-how-can-i-reset-my-account-password\" target=\"_blank\" class=\"intercom-content-link\">hosting account<\/a><\/b>, e-mail, <b><a href=\"\/support\/5634574-how-to-change-your-ftp-password-on-hpanel\" target=\"_blank\" class=\"intercom-content-link\">FTP access<\/a><\/b>, and so on<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">For <b>website <\/b>hacking: <\/p>\n<ol>\n<li>\n<p class=\"no-margin\"><b><a href=\"\/support\/4283700-how-to-restore-a-site-from-backup-at-hostinger\" target=\"_blank\" class=\"intercom-content-link\">Restoring the website<\/a><\/b> using a backup from a date when it was working perfectly fine and then <b>updating all of your plugins, theme, and CMS itself<\/b><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Optionally, you can <b><a href=\"\/support\/2298928-how-to-make-backups-at-hostinger\" target=\"_blank\" class=\"intercom-content-link\">download your website files<\/a><\/b> and check them with an antivirus application<\/p>\n<\/li>\n<\/ol>\n<\/li>\n<li>\n<p class=\"no-margin\">For <b>account <\/b>hacking: <\/p>\n<ol>\n<li>\n<p class=\"no-margin\"><b><a href=\"\/support\/1583257-how-can-i-change-my-hostinger-account-password\" target=\"_blank\" class=\"intercom-content-link\">Change the password<\/a><\/b> of your Hostinger profile and the email you use to log in<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">If available for you, <b><a href=\"\/support\/4888385-how-to-link-hostinger-account-to-social-login-google-facebook-github-accounts\" target=\"_blank\" class=\"intercom-content-link\">set up social login<\/a><\/b><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Set up <b><a href=\"\/support\/4888148-how-to-set-up-two-factor-authentication-on-your-hostinger-account\" target=\"_blank\" class=\"intercom-content-link\">two-factor authentication<\/a><\/b> for both your Hostinger account and the email you use to log in. The <b>application method<\/b> is highly recommended, as it provides more security<\/p>\n<\/li>\n<\/ol>\n<\/li>\n<\/ol><p class=\"no-margin\">And make sure to <b><a href=\"\/support\/1583780-how-to-contact-live-support\" target=\"_blank\" class=\"intercom-content-link\">report it<\/a><\/b> so we can perform additional checks on our part.<\/p><hr><h2 id=\"h_596b371c84\">How to Prevent It?<\/h2><p class=\"no-margin\">Here are some measures you can take to protect your account and your sites:<\/p><ul>\n<li>\n<p class=\"no-margin\"><b>Never provide your login and password to anyone<\/b>. If you wish for a developer to manage your website, you can use our <b><a href=\"\/support\/1583777-how-to-use-access-manager\" target=\"_blank\" class=\"intercom-content-link\">Access Manager<\/a><\/b> feature<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\"><b>Scan <\/b>regularly all your devices with up-to-date <b>antivirus <\/b>and <b>antimalware <\/b>software<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Keep your <b>CMS and application<\/b> <b>extensions<\/b> <b>updated<\/b> to the <b>latest version<\/b><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Download extensions\/plugins\/modules\/themes only from <b>trusted sources<\/b><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Always use <b>secure and strong passwords<\/b>. You can find some useful recommendations here: <b><a href=\"\/support\/1583257-how-can-i-change-my-hostinger-account-password#h_81fe2279b1\" target=\"_blank\" class=\"intercom-content-link\">How to create a strong password?<\/a><\/b><\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">Enable <b><a href=\"\/support\/4888385-how-to-link-hostinger-account-to-social-login-google-facebook-github-accounts\" target=\"_blank\" class=\"intercom-content-link\">social login<\/a> <\/b>for your Hostinger account, as well as <b><a href=\"\/support\/4888148-how-can-i-set-up-two-factor-authentication-to-my-hostinger-account\" target=\"_blank\" class=\"intercom-content-link\">two-step authentication<\/a><\/b> for your CMS admin dashboard<\/p>\n<\/li>\n<li>\n<p class=\"no-margin\">And if your website is WordPress-based, here are <b><a href=\"https:\/\/www.hostinger.com\/tutorials\/how-to-secure-wordpress\" target=\"_blank\" class=\"intercom-content-link\">additional methods to protect it<\/a><\/b><\/p>\n<\/li>\n<\/ul><p class=\"no-margin\">By following these practices, you will ensure maximum protection for your website!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learning why accounts might get hacked and how to avoid it<\/p>\n","protected":false},"author":581,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"include_on_kodee":true,"footnotes":""},"categories":[273],"tags":[],"class_list":["post-1506","post","type-post","status-publish","format-standard","hentry","category-website-security"],"hreflangs":[{"locale":"en-US","link":"https:\/\/www.hostinger.com\/support\/1583390-what-to-do-if-your-account-or-site-has-been-hacked-at-hostinger\/","default":1},{"locale":"es-ES","link":"https:\/\/www.hostinger.com\/es\/support\/1583390-que-hacer-si-tu-cuenta-o-sitio-han-sido-hackeados-en-hostinger\/","default":0},{"locale":"fr-FR","link":"https:\/\/www.hostinger.com\/fr\/support\/1583390-que-faire-si-votre-compte-ou-votre-site-a-ete-pirate-chez-hostinger\/","default":0},{"locale":"id-ID","link":"https:\/\/www.hostinger.com\/id\/support\/1583390-tolong-website-saya-diretas\/","default":0},{"locale":"pt-PT","link":"https:\/\/www.hostinger.com\/br\/support\/1583390-o-que-fazer-se-sua-conta-ou-site-for-invadido-no-hostinger\/","default":0},{"locale":"uk-UA","link":"https:\/\/www.hostinger.com\/ua\/support\/1583390--------\/","default":0}],"include_on_kodee":true,"_links":{"self":[{"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/posts\/1506","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/users\/581"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/comments?post=1506"}],"version-history":[{"count":0,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/posts\/1506\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/media?parent=1506"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/categories?post=1506"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hostinger.com\/support\/wp-json\/wp\/v2\/tags?post=1506"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}