Website Hacking Never Stops!

Every Website is a Target –

WordPress, Joomla, Drupal, custom built and other sites are under attack everyday by website hackers. Websites of every kind are vulnerable. Recently we were asked to repair a site after the webmaster discovered his website had been hacked and defaced. It contained pictures linked from Imgur.com and played Middle Eastern music from a Youtube posting. The wording was mostly about corrupt capitalist governments, from an alleged Jordanian hacker (the hacker’s claims, not ours).

Scary stuff to wake up to! Which is why the panic level was high. After a quick look at the site we discovered that ALL OF THE CODE FOR HIS WEBSITE HAD BEEN DELETED! Not only did the hacker deface the site, but he left nothing behind but an Index file and one other PHP file.

We looked at the Index file, which gave us the info on the hacker.  After a little research we found the hacker used a bot to continuously crawl IP addresses to find vulnerabilities. The other PHP file was encrypted, but basically it would give the hacker Admin access to the site if we were to rebuild it without removing the hacker’s files. The hacker’s site listed all of the websites he had defaced, like they were his trophies.

These hacker bots are constantly crawling IP addresses. Each time your website is crawled the bots will look for some new way to attack.

Website Hacker Malware

Website Malware Installed by Hackers!

Website Hackers don’t always deface your website. Sometimes they install Malware or a Virus. You may not even notice anything wrong with your website. Some Malware uses a 404 error redirect. This trick points your visitors to an advertisement or a virus site when they stumble upon a website page that doesn’t exist anymore (404 error). You may never know this is happening without monitoring your sites security.

Keeping Your Website Secure –

The best thing you can do to protect your site is to be prepared. The cyber attacks will only increase over time. Here are some suggestions to keep your panic level to a minimum about being hacked:

  1. Keep backups of your site. In the case sited above, a backup of the home directory and the database existed; we were able to restore the site in about 15 minutes. The number of backups you need to make will depend on how often you update your website. Some e-commerce businesses need to run backups daily. More static sites can get away with monthly backups.
  2. Keep your software, themes, plugins, etc., up to date. If you receive notification that an updated version of software that you are using is available, you need to install it. Hackers send out web crawlers (bots) looking for websites that have vulnerabilities and down-level software in them. When they find them, they exploit them. They crawl websites 100’s to 1000’s of times a day.
  3. Don’t have ‘Admin’ as a user name for logging into your site. It doesn’t matter how good you think the password is, the hackers will eventually crack it. Using Admin as a login name just cut their work in half. See item 6 below.
  4. Only use strong passwords. That means NO SENTENCES, i.e., “thisismywebsitepassword”. You must use capital letters, non-capital letters, numbers and special characters (like &, %, $, etc..). If you are allowing others to log into your website, enforce the strong password rule.
  5. If you are installing Plugins or any add-on to your core code, make sure you only get them from a trusted source and that they have a lot of installations before yours. This creates a struggle for new Plugin developers, but you need to care about protecting your site, not helping a developer’s app get popular. Check to see when the last time the Plugin was updated too. We’re skeptical of a Plugin that hasn’t been updated in the last 6 months.
  6. Use a security program that will test your code for suspicious activity, malware or software changes. This type of security typically runs from another server. It will have a lot of options to set up, so you might ask for help with this one. For example, we set the security software to immediately block an IP address for a set amount of time if  ‘Admin’ is used as the name when a login is attempted.
  7. If you are allowing visitors to comment and upload files to your site, disable the ability to upload PHP files. You want pictures uploaded, not code.
  8. NEVER KEEP CONFIDENTIAL INFORMATION ON YOUR WEBSITE! While it is OK to segregate information by using password protected pages, don’t think that the information behind those pages can’t be hacked. If the content that you have behind password protected pages would be problematic if shown publicly, don’t put it on your website. Use a different method to deliver that private information to the intended recipient.

Be Prepared for Cyber Attacks –

Backups will help you restore your site, should you ever get hacked. Taking some steps to ‘harden’ your site against hackers will slow them down. Unfortunately, the Cyber War is real and the targets appear to be all websites. If some of this is confusing or overwhelming, contact us for help: 1st Choice Websites. Being prepared is your best defense.