Edit This Page

Website under attack


Recover from having your website from being attacked or defaced.

Learn how to

A down website

Brenda publishes a story about corruption on her organisation's website. Hours later, the website is down and she worries it is being attacked to silence her.
Before she can be sure the site is under attack, Brenda needs to rule out other possible causes for the down website. If it is being attacked, she needs to know how to fix it.

What is a DDOS attack?

Silencing your voice

A threat faced by many independent journalists, news sites and bloggers is being silenced because their website is down or defaced.

Website takeover

In many cases, this maybe an innocent and frustrating problem. But on occasion, it may be due to a distributed ‘denial of service’ (DDOS) attack or a website takeover.

Overloading the website

A DDOS attack is when an attacker uses thousands of machines and possibly automated tools to repeatedly and rapidly view a webpage in order to crowd out normal readers.

DDOS attacks repeatedly view a webpage to overload the server

Rule out other reasons

Programming or technical problems

To start, it is important to know that there are many reasons why your website can be down. Most often this is due to programming errors or technical problems at the company that hosts the site.

Speak with an expert

Sometimes, other things like legal challenges can cause a host to turn a site off as well. Before you conclude you are the victim of a DDOS attack, make sure to root out potential problems by speaking with someone in charge of your website.

Fixing it yourself

If you don't have someone in charge of your website, read the lesson on other reasons your site may be down.

Fixing your website yourself can be difficult

Getting your site back up

Step 1

Talk to your webmaster

Contact a trusted person who can help with your website (your webmaster, the people who helped you set up your site, your internal staff if you have them and the company that hosts your site).

Step 2

Change your domain settings

Ask your webmaster to change the ‘Time to Live’ or TTL to 1 hour. This can help you redirect your site much faster once it comes under attack (the default is 72 hours, or three days).

Changing settings yourself

If you are trying to do this yourself: This setting will often be found in ‘advanced’ properties for your domain, sometimes part of the SRV or Service records. Refer to the guide put together by Gandi or work with the company you bought your domain from (like EasyDNS, Network Solutions, GoDaddy).

Step 3

Use a DDoS Migitation service

Have your webmaster move your site to a DDoS mitigation service. Examples:

As soon as you have regained control, review your needs and decide between a secure hosting provider or simply continuing with your DDoS mitigation service

DDoS mitigation services protect your website from being overloaded

Is your website defaced?

Step 1

Verify you website is defaced

Verify that this is a malicious takeover of your website. An unfortunate but legal practice is to buy recently expired domain names to ‘take over’ the traffic they had for advertising purposes.

Make payments on time

To prevent this, it is very important to keep payments for your domain name in order.

Step 2

Regain control of your website

If your website has been defaced, first regain control of your website login account and reset its password, see the Account Hijacking lesson for help.

Step 3

Make a backup of the defaced website

Make a backup of the defaced site that can later be used for investigation of the defacement.

Step 4

Turn off your website

Temporarily turn off your website – use a simple landing page or ‘parked’ page.

Step 5

Determine how your site was hacked

Determine how your site was hacked. Your hosting provider may be able to help.

Common reasons your site is defaced.

Common problems are older parts of your site with custom scripts/tools running on them, out of date content management systems, and custom programming with security flaws.

Step 6

Restore your original website

Restore your original from backups. If neither you, nor your hosting company have backups, you may have to re-build your website from scratch!

Keep backups off your hosting provider

Also note that if your only backups are at your hosting provider, an attacker may be able to delete those when they take control of your site!

Step 7

Use a DDoS mitigation service

Move to a DDoS Mitigation service or secure hosting provider. Deflect.ca can support you in protecting your site from online attacks. CloudFlare can also block many common attacks.

Detecting and preventing attacks

Secure hosting providers such as VirtualRoad/Qurium go to great lengths to detect and prevent such attacks.

Restore your original website


What is gitbook used for?

To read books To book hotel named git To write and publish beautiful books GitBook.com lets you write, publish and manage your books online as a service.

Is it quiz?

Yes No


See also: