Make your website hacker proof | Heart Internet Blog – Focusing on all aspects of the web

Modern cars are incredibly difficult to break into and steal, so much so that thieves often find it easier to break into a house and steal the car keys to make off with it. Hackers targeting your website face a similar problem when it comes to getting access to it.

Few hackers target the web host directly: with all the money large web hosts such as ourselves spend on security and monitoring, it is simply too difficult to gain access that way. Instead they go straight for the webmaster, getting a virus onto their PC and lifting the FTP login details that are so often stored as an unprotected plain-text file by software such as FileZilla.

What do they do with the information?

Once they have direct access to your website’s files there are any number of actions they can take:

– Insert links into your site and create link farms

– Capture your members’ information

– Plant links to malware

– Spread viruses

– Destroy your site

How do you stop them?

Because they are targeting your PC, make sure your virus protection is up to date. Don’t put off the updates until ‘next week’ or whenever you can be bothered; get into a routine of installing the latest patches, e.g. on a Sunday afternoon while you are out, or at night when you are asleep.

The easiest way to prevent access is for the information not to be there to be found in the first place. Don’t store login details unprotected on your local PC, e.g. in the FTP software’s auto-login. Having to log in manually will literally add 10 seconds to your day, and when you think of it like that it’s time well spent if it means your site is not compromised.

Change your FTP password regularly, using a strong and ideally random password with capitals, numbers and extra characters. As well as using a strong password, rather than leaving FTP access permanently enabled, disable FTP access when you don’t need it.

Hackers will also identify vulnerabilities in popular third-party software such as WordPress. If you use any CMS that allows plug-ins to be installed, make sure you only get them from trusted sources and research them fully online (i.e. don’t install them blindly). The same is true of any third-party scripts you choose to use from sites such as hotscripts.com.

How do you monitor whether your site has been hacked?

One of the most popular reasons hackers go after sites is essentially to create a massive link farm that boosts the search ranking of another site they own, which is the money maker. A good example of this in action is the recent Haiti disaster, which was targeted by fraudsters capturing the bank details of people wanting to donate money to the relief programmes. Many started by searching for charities through Google and clicking on the highest-ranked sites, some of which belonged to fraudsters and had been boosted by links from hacked sites. Monitor your website’s outbound links by checking Google Webmaster Tools or using a tool like https://validator.w3.org/checklink. It is also worth checking your directory in an FTP client on a regular basis to spot any irregularities, or any files or folders that you didn’t create.

What should you do if you have been hacked?

If you find out your site has been hacked, the first step is to turn off FTP access to prevent them gaining further access. Once you have done that, change your FTP login details and run a full virus scan on your PC.

To remove any changes they may have made, rather than editing your files manually and risking missing something, restore the website from the version you have backed up. Backing up your website is quick, easy and completely free through your eXtend control panel. To make sure you always have the latest version of your site, we strongly recommend you back up your website using this facility whenever you make a change.

Backing up your website files:

– Log in to your eXtend control panel

– In ‘files’ click on ‘backup/restore’

– Follow the on screen instructions

Backing up your database:

As with the web files backup service in eXtend, you can also back up your MySQL databases in eXtend with just one click!

– Log in to your eXtend control panel

– In ‘Web tools’ click on ‘MySQL Databases’

– In ‘Manage MySQL Databases’ choose which databases you want to back up and click ‘Now’

You can also download and store a local copy of your database through phpMyAdmin using the ‘Export’ function.

Backing up your website and databases literally takes a couple of clicks of the mouse and can save a lot of pain and heartache down the line!

Image taken from: https://www.flickr.com/photos/daquellamanera/860088980/


Comments


  • 26/04/2010

    “Few hackers target the web host directly, with all the money large web hosts such as ourselves spend on security and monitoring it is simply too difficult to gain access. Instead they go directly after the webmaster by downloading a virus on to their PC and getting the FTP log in details so often stored as an unprotected flat text file within software such as Filezilla.”

    Is this based on Heart Internet’s experience or some published statistics?

    While for those who are customers of shared hosting packages, certain risks with ‘direct attack’ on the web host might be lower (assuming the web servers are configured in a secure way), I think it’s important not to understate the vital role that configuring and running a web server in a safe and secure manner plays in website security. Running my own web server, I know that automated scripts ‘knock on the door’ and attempt to compromise my server all the time, so while particularly determined individuals who want to attack a website may go after the administrator, it is not safe to assume that therefore you can just ‘forget’ about your server’s security.

    I know this blog’s audience is likely to be made up of shared hosting customers, where the server security is handled mostly by employees of the hosting company, but I am a little bit concerned that this post might give some a false sense of that security. While I’m glad that you mention the very important topic of keeping CMS software, plugins, scripts etc. up to date, I’d also like to make the point that just following these steps does not mean you will never face other security threats as a webmaster.

    I’m not trying to scare people or to detract from the sound advice in this post. It’s just that computer security is complicated, very difficult to get 100% right — and I want to remind people this post shouldn’t be seen as a comprehensive guide.

  • 26/04/2010

    Peter

Yes, that statement is based on our experience when it comes to customers’ sites being targeted.

    The point you make about the dangers facing dedicated server customers is definitely worth highlighting so thanks for that, and much of the post is more for shared hosting customers (which includes our resellers).

    Cheers

    Matt

  • Dan

    26/04/2010

    Just a couple more notes for those reasonably savvy!

Make sure that any included server scripts, like PHP files that are not accessed directly, are set with permissions so that only the owner can read them. This will help protect your website even if others on the same server have been compromised.

You could also set up an early warning system to periodically check your website for updates and alert you when it is updated. This could be as simple as a scheduled script which runs every 4 hours and checks to see if your website homepage has changed, and if it has, sends you an email, right up to checking the website for certain keywords/links and automatically disabling a hosting account using the API if they are found.

    You can also get some off the shelf software like GFI monitor to perform some similar functions.
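The two checks the post recommends (watching your outbound links, and looking for files or folders you didn’t create) and the scheduled change-detection script Dan describes above can be combined into one small monitor. The following is an added example written for this page, not code from the original post, from Heart Internet or from any commenter; the directory layout, the allowlisted host www.example.com and the sample site it builds in a temporary folder are all constructed for the example.

```python
"""Site integrity monitor (added example): baseline/diff of file hashes plus an
outbound-link allowlist check over HTML/PHP pages. All paths, the allowlist and
the sample site below are constructed for this example."""
import hashlib
import json
import os
import tempfile
from html.parser import HTMLParser
from urllib.parse import urlparse


def hash_file(path):
    """SHA-256 of a file, read in chunks so large uploads are not loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map relative path -> sha256 for every file under root (the 'baseline')."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = hash_file(full)
    return manifest


def diff_manifests(baseline, current):
    """Files that appeared, vanished or changed since the baseline was taken."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(p for p in set(baseline) & set(current) if baseline[p] != current[p])
    return {"added": added, "removed": removed, "modified": modified}


class LinkCollector(HTMLParser):
    """Collects href/src targets of tags that can pull in off-site content."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag in ("a", "script", "iframe", "link", "img"):
            for key, value in attrs:
                if key in ("href", "src") and value:
                    self.links.append(value)


def external_hosts(html, allowed_hosts):
    """Hosts a page references that are not allowlisted; relative links are ignored."""
    collector = LinkCollector()
    collector.feed(html)
    flagged = set()
    for link in collector.links:
        host = urlparse(link).hostname  # also resolves protocol-relative //host/path
        if host and host.lower() not in allowed_hosts:
            flagged.add(host.lower())
    return flagged


def scan_site(root, baseline, allowed_hosts):
    """Run both checks and return a report that a cron job could e-mail."""
    report = diff_manifests(baseline, build_manifest(root))
    unexpected = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith((".html", ".htm", ".php")):
                continue
            full = os.path.join(dirpath, name)
            with open(full, "r", encoding="utf-8", errors="replace") as fh:
                hosts = external_hosts(fh.read(), allowed_hosts)
            if hosts:
                unexpected[os.path.relpath(full, root).replace(os.sep, "/")] = sorted(hosts)
    report["unexpected_hosts"] = unexpected
    return report


def demo():
    """Constructed sample: a clean two-file site, then a changed page and a new file."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "images"))
        index = os.path.join(root, "index.html")
        with open(index, "w", encoding="utf-8") as fh:
            fh.write('<html><body><a href="https://www.example.com/about">About</a></body></html>')
        with open(os.path.join(root, "images", "logo.txt"), "w", encoding="utf-8") as fh:
            fh.write("logo placeholder")
        baseline = build_manifest(root)  # in real use, persist this with json.dump once
        # Changes since the baseline (constructed): a hidden off-site link and an unknown script.
        with open(index, "a", encoding="utf-8") as fh:
            fh.write('<div style="display:none"><a href="http://unknown-host.example/x">x</a></div>')
        with open(os.path.join(root, "images", "x.php"), "w", encoding="utf-8") as fh:
            fh.write("<?php echo 'placeholder'; ?>")
        return scan_site(root, baseline, {"www.example.com"})


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

In real use you would build the manifest once after a known-good upload, persist it with json.dump, reload it on each scheduled run (every few hours from cron, as Dan suggests) and e-mail the report whenever any of its lists is non-empty. The allowlist should contain only the hosts your pages legitimately reference; a protocol-relative link such as //cdn.example.net/a.js resolves to its host and is flagged like any other.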

  • 26/04/2010

    Dan

    A couple of great practical points, thanks!

    Matt

  • Chris

    27/04/2010

    A nice guide there.

It’s useful to note that if your site is hacked and as a result blocked in Google, once you have removed the added content, normally a link to a JavaScript file within the tags on your site, you can resubmit your site to Google via Webmaster Tools.

They will then reassess your website as a risk and, if it is found to be clear, remove the warning screen after the link. This is normally done the same day and on occasion takes less than 2 hours.

Incidentally, the FTP block feature is incredibly useful at preventing this type of attack, and has won me business as a result! So thanks!

    Chris

  • 30/04/2010

    Joomla has been another target for hacking lately.

Adding a simple php.ini file to the root of a Joomla, or any PHP, site will help close some of the methods used to compromise sites. It basically closes off some functions that can be used for nefarious purposes. Of course, if your FTP password is compromised, this is useless!

    Find details here: https://docs.joomla.org/Security_Checklist_2_-_Hosting_and_Server_Setup#Use_local_php.ini_files

There is also a brilliant backup component for Joomla called Akeeba, which makes creating a full site backup so embarrassingly easy that there is no excuse for not having a backup. It creates a zip file that allows a site to be restored, even to a different domain, with ease.

While talking about FTP password security, if you use Dreamweaver, also take care where you save your “Site Definition” files, somesite.ste. Amazingly, some people put these in the web root, where they can be found and the password uncovered.

    Jeremy.

  • 30/04/2010

    Jeremy

    Thanks for the tips and the links.

    Matt

  • 07/05/2010

    Excellent post. Thank you for the links that are published.

So far I’ve kept all passwords on my computer, but now they are deleted.

  • 02/06/2010

Nice article. I lost my blog’s PR 3 because it got hacked while I was on holiday. When I tried to retrieve it, all the backups had been replaced with the hacked files. I hope this article will prevent me getting hacked in the future. Thanks

  • nike22

    23/07/2010

    I really like the style of your writing

  • Sarah Harding

    25/03/2011

Thanks for this. I’ve now removed the stored passwords in my FTP program for all of my websites.

You mentioned third-party add-ons. Are there any you WOULD recommend installing to increase security? For example, I often use Joomla on my websites like https://www.onefree.co – is there anything you would do to increase security?

  • basekit

    29/09/2011

    Thank you for providing this very important information in a simple manner.
