My Websites got Hacked

Contact your hosting provider immediately. Tell them you got hacked and they should clean it up for you. They might even do it for free, actually. Even if they don', it'll cost like $15. Get on it.

You need to take help from the help desk of the Hosting. If you can access to your site control, you should access & edit yourself if it is possible & change the access details.

Maybe you should be nice to them. Hostgator has always helped me out with malware and hacker attacks...and done so for free.

To the OP, I really am sorry that you got hacked.

If you want a hosting provider that actually cares about their customers and has good protection (and clean-up) against hackers, try WP Engine.

Regards,
Daniel

I hope you backed up your sites. If so, get them back up and running and move to a better host. Hostgator is too big to care about small clients and some of the support "specialists" have no problem telling you that if you get them on the right day.

Smaller companies tend to care more about their smaller clients because that is mostly what they have and the hosting business is ultra competitive. Companies like HG are popular only because they have deep pockets for advertising and affiliate programs that pay out mega commissions per signup...therefore everyone and their brother promotes them. Sure, you'll pay more but you know what they say, he who buy cheap buys twice.

But no matter if you stay with HG or move, you must get into a habit of backing up your sites!

I have been working online in one form or another since 1988. Am I an expert, by no means, however, I have seen my share of fraud and in all those years I never had a hacking incident until I moved my main website to HG in August of last year. To make a 'long' story shorter, I have a reseller acct and thought I would save $180 a year by moving my main site to that account.

In late October I was unable to log into any of my sites nor my WHM reseller acct. HG tech wanted to blame me for weak passwords and my reply was if 37 characters, lower and upper case letters, number and symbols is not enough to deter these people then we all might as well give up. Once WHM was reset I changed all the pswds and within 24 hours I was locked out again. The HG suggestion was the Slock service they are now partnered with and I insisted that after having a site up for nearly 17 years it was never hacked until I moved it to my HG acct and that I believe their server had been compromised.

Found multiple new directories of hacker files in about 7 of my 10 sites, performed multiple scans using Sucuri. Finally after 10 days HG security got back to me, admitted there was a script that had been loaded to the server that gave my pswds to the hacker everytime I changed them. HG reset my WHM pswd and all my site pswds again and I began implementing even greater security measures on each site beyond what I already had which meant nothing when they had direct login access because of their nefarious server script.

Couple of suggestions that might help - run Sucuri on your sites - it costs nothing to do so and helps to identify problem areas, if there are any, that you should be able to then clean out, here is the link:

https://sitecheck.sucuri.net/

I am on a shared hosting reseller account - from what I have read there is no way of logging into your sites securely via FTP on a shared hosting acct, other than the main WHM acct. The only secure login is via Cpanel with your IP address - here is an example of what I am talking about - this is not an actual site, just numbers to provide an example followed a :2083 - here is an example - HG has instructions on this within their knowledgebase -

https://134.265.46.31:2083

All In One WP Security
Anti-Malware Security and Brute Force Firewall
BulletProof Security
IQ Block Country (have to download a GeoIP database to use)
Wordfence Security
WP-SpamShield

You do not need to activate all aspects of the above plugins, some charge to do so, however, All In One WP Security and Wordfence are proving to be my favorites. Wordfence sends me an email everytime I log into the wordpress part of the site (it does not do so for cpanel logins). Wordfence also sends me an email when there is a problem with a plugin, mostly due to an update being available.

Ultimately, the hacking incident helped me make the decision to move towards full retirement rather than part-time as I was and I have begun liquidating all sites that simply were not worth my time and will most likely be into full retirement by the end of this year.

IRT to your question about how the big G would index a page you cannot find, I do not know except to guess that the hacker had a redirect to the page name you are finding indexed? One other suggestion, if you think they had cpanel access, you may wish to review your .htaccess file to see if there are any redirects set up in there and look at the last date it was changed before you open it to make any changes yourself.

Hope this helps. Good luck!

I just checked and Google Webmaster still has a removal tool - you can read about it here:
https://support.google.com/webmaster.../1663419?hl=en

"my main problem is with what google sees and I don't see via file manager and cpanel since they index spammy pages that don't exist"

I think you are approaching the problem from the wrong angle. This is not a Hostgator/hosting problem that you now have at hand. You are talking about Google pages being indexed.

I would say to go into Google's Webmaster tools and begin working from there.
- Are there any notes on Webmaster tool that you can follow?
- Can you contact anyone on there and tell them your issue?

Continue to put original content into your site, and along with using webmaster tools, you should to slowly get out of this slump.

It's a start. It takes time.

Thanks for advices Annie...

Most of sites got hacked due to several server problems. And to be honest we cannot know how to fix the hacking issues. That's why I always prefer to choose the best hosting provider which really cares to their customers and always there to help. I'd recommend Sitegorund. No doubt to say Siteground is one the best hosting platform today.

The same thing happened to me guys. They hacked my HostGator account and planted a bunch of malicious folders and files in my various websites. Now, there are some folders I'm not sure if I should delete or not.

I have a few questions. What kinds of files do I have to be worried about? Will they plant software that will allow them access back into my account, even if I change the password? Do you think they deleted any of my files? It's hard for me to find all of the files they've hid.

I have backed up my site using a BackUp WordPress plugin. Will that be enough to restore my entire site, if I delete the entire thing? Thank you.

It seems now, if you are hacked, they are referring you to their SiteLock website security service. It looks like it's $6 to clean a website but I'm not positive.

I just paid $15 to have my account restored from a week ago. What are the chances that the hackers leave files on your server. for over a week before they erupt?