my website has been hacked


My website has been hacked and now most of the links in the menu are gone there are only 2 left.  Also an email was sent from the infor address to all the subscribers it wasnt sent by us it was the hacker the email said
Dear Natasha McDonald,


To unsubscribe click here 


The Beaufield Mews

 can someone help me get rid of this.

Who is Participating?
Are you SURE you got your copy uploaded? I have a feeling that the website index.php may have had it's rights changed. I'd first try to erase the website version, then upload yours.

The html source only had the two links. This could be because of something in your php code. If it doesn't get fixed, post you php code here for review.
Sudaraka WijesingheWeb Application ProgrammerCommented:
Do you have access to your server or the hosting account? If so, I suggest you change your access credentials immediately and restore the web site from a backup.
If you don't have access to the server you may try to get the access back by contacting your service provider. You will need to prove that you are the legitimate owner of the web site.
Also after the actions above, check your website for security leaks else the hacker can strike again.
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

Who is hosting the account?

When was the last valid change you made to the site?

Can you request that the hosting company restore the site from a backup?

Cornelia YoderArtistCommented:
And when you have the website back, find a new webhost with better security.
yodercm: I'll bet it's more the users weak passwords, not using SFTP and SSH for changes. Get your passwords at
there is no database usage from your site, its not by sql injection, i doubt it was password weak or leak by backdoor from your pc.
Giovanni HewardCommented:
Google reconnaissance shows -- it's possible the attacker gained access here using weak passwords (or via

natashamcdonaldAuthor Commented:
Hi Thanks for all you comments i have reloaded the files from my laptop but it hasnt got rid of the problem i dont know how to get rid of this can anyone help me?
What are you trying to get rid of?  If the site is backed by a database (which most modern sites are), then it could be that something has been changed in the database itself: reloading old PHP/config files won't do much; instead you'll have to reload an old copy of the database itself.

Once something has been sent via email, it is a safe bet that they'll be archived forever by something.  Also, once the subscriber list has been taken, there's not much that can be done: if the "hacker" is smart, they'll save it somewhere instead of relying on continued access to the site/database to retrieve it.
Sudaraka WijesingheWeb Application ProgrammerCommented:
Please check and make sure the backup you restored from (on on your laptop) was taken before the hacker attached the web site.
If you have any older backups which you are know for sure that is from before the hack.

Maybe try to bring up the site on another server or on your laptop itself to make sure.
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.