Websites can stop working or being accessible for a multitude of reasons; therefore, it is important to consider the following steps to try to find the root cause and resolve the issue:

List of server errors - When a browser tries to access a website, it is served a status code: a three-digit number that indicates whether the request was successful. Status codes are usually invisible to the user, but when they indicate an error, they are often shown in the browser. This can be helpful in solving issues when your website isn’t working.

Such status codes could be client errors, which start with a 4 (such as 404, meaning the page isn’t found, or 403, meaning the user doesn’t have access to the page), or server errors, which start with a 5 (such as 502, meaning the server isn’t able to handle the request). When dealing with such errors, be sure to refresh the page in your browser after making changes on the server and check server logs for more details if the issue persists.

DigitalOcean has provided a list of common client and server-type errors, what causes them, and detailed explanations of how each one can be resolved.

Contact your hosting provider - In case you are unable to fix issues yourself or through your system administrator, e.g., by troubleshooting server errors, your next course of action would be to contact your hosting provider. However, depending on whether your server is located in your country or abroad, your experience with the hosting provider may differ.

Even though foreign hosting providers may provide a better service than those in your country, you should also be aware that their support might not be up to the standards in resolving the issue with your website quickly.

Hosting providers with 24/7 support are the best option nonetheless, as well as those who provide additional support channels (live chat, call) in addition to opening a support ticket or sending an email.

Media, civil society organizations, and at-risk groups (e.g., LGBT+) should consider hosting solutions offered by Greenhost, Qurium, or Deflect, as their services are adapted to the needs of public interest actors.

Activate DDoS protection - Distributed Denial of Service (DDoS) attacks aim to flood the server with a large number of automated access requests, usually coming from thousands of IP addresses, in order to make the site unavailable. To prevent your site from being disabled in a DDoS attack, you should activate DDoS protection.

The most common DDoS protection service provider is Cloudflare, which offers free plans but with limited options. There are others such as Deflect, whose services are used by many media, environmental, and human rights organizations. Google also offers free DDoS protection through Project Shield, which is intended for news, human rights, and election monitoring sites.

Independent media, investigative journalists, and human rights activists in repressive regimes can also apply for Qurium’s Rapid Response support, which includes DDoS protection among other things. Cloudflare provides their paid service tier free of charge through Project Galileo, for which at-risk public interest actors can apply.

Change your password - In case your website is down or has other unusual performance issues, the first thing you should try is changing your account password for the website in the content management system (CMS) interface, such as WordPress. Also, check for any suspicious activity like unknown plugins or themes, newly created users, or changes to existing users’ privileges.

When heavy cyber incidents occur, it is also advised to change the server password. This can be achieved in different ways depending on the type of the server (Windows Server or Linux).

Ask for server logs - To determine the potential source of issues with your website, taking a look at server logs can be of great importance. Server logs are text documents that provide you with various information about all activities on the server. For example, you can see the IP addresses and identity of the devices making a request to the server, the time and date of the request, etc., which can all be crucial when mitigating a cyber incident.

You can request server logs for a certain time frame from your system administrator or through technical support.

Request backup restore - When a cyber incident is resolved, a check needs to be performed in order to see if there is anything missing. Malicious actors might be able to delete some of the content from your website; therefore, it is important to have regular server and website backups.

In case you notice some content is missing after the incident has been handled, it is possible to restore it by requesting a backup from your hosting provider or technical support.