Modern cars are incredibly difficult to break in to and steal, so much so that thieves often find it easier to break in to a house and steal the car keys to make off with it. Hackers targeting your website are faced with a similar problem when it comes to getting access to your website.
Few hackers target the web host directly, with all the money large web hosts such as ourselves spend on security and monitoring it is simply too difficult to gain access. Instead they go directly after the webmaster by downloading a virus on to their PC and getting the FTP log in details so often stored as an unprotected flat text file within software such as Filezilla.
What do they do with the information?
Once they have direct access to your website’s files they are any number of actions they can take:
- Insert links in to your site & create link farms
- Capture your member’s information
- Links to malware
- Spread viruses
- Destroy your site
How do you stop them?
Because they are targeting your PC make sure your virus protection up to date. Don’t put off the updates until ‘next week’ or when you can be bothered, get in to a routine of installing the latest patches e.g. on a Sunday afternoon whilst you are out or at night when you are asleep.
The easiest way to prevent access is to not have the information to be found in the first place. Don’t store log in details on your local PC unprotected e.g. in the FTP software’s auto login. Having to manually log in will literally add 10 seconds to your day and when you think of it like that its time well spent if it means your site in not compromised.
Regularly change your FTP password with a strong, and ideally random, password using capitals, numbers and extra characters. As well as a strong password, rather than have FTP access permanently enabled disable FTP access when you don’t need it.
As mentioned above, hackers will identify the vulnerabilities found within popular 3rd party software such as WordPress. If you use any CMS that allows plug-ins to be installed make sure you only get them from trusted sources and research them fully online (i.e. don’t do it blindly). This is also true of any 3rd party scripts you choose to use from sites such as hotscripts.com.
How to monitor if your site has been hacked?
One of the most popular reasons hackers go after sites is to essentially create a massive link farm to boost the search ranking of another site they own which is the money maker. A good example of this in action is the recent Haiti disaster which was targeted by fraudsters capturing bank details of people wanting to donate money to the relief programs. Many started by searching for charities through Google and clicking on the highest ranked sites, some of which were fraudsters boosted by their hacked site links. Monitor your website’s outbound links by checking Google webmaster tools or using a tool like http://validator.w3.org/checklink. It is also worth checking your directory in an FTP client on regular basis to spot any irregularities or any files/ folders that you didn’t create.
What to do about it if you have been hacked?
If you find out your site has been hacked the first step is to turn off FTP access to prevent them gaining further access. Once you have done that change your FTP log in details and run a full virus scan on your PC.
To remove any changes they may have made, rather than manually editing your files and risk missing anything, restore the website using the version you have backed up. Backing up your website is really quick and easy and completely free through your SureHOST control panel. To make sure you always have the latest version of your site we strongly recommend you back up your website using this facility whenever you make a change to your website.
Read more →
