It always pays to know your enemy and when it comes to website hacking, no truer words have ever been spoken.

It Always Pays To Know Your Enemy
There are basically five types of hacking attacks that are waged against users of personal computers.
- Attacks That Deny Service
- Trojan Horse Attacks
- Virus Attacks
- Worms
- Website Attacks
Hack attacks that deny service are usually focused on network connections or open ports with the intention of overwhelming the system with “pings” or other requests.
Attacks that deny service are made by third party systems that are most often not even aware that they are part of the network of attackers.
This type of attack can cause a system, along with its resources, or several systems to crash.
Systems that are compromised or systems that have little to no security are usually the ones that are targeted by hackers.
Fortunately, most server software will flag the unusual activity and alert the network monitor that something is wrong.
Trojan Horse Attacks, as the name implies, are made with software that has been modified with a back door or a “timer” that can trigger a series of events at a later time on the user’s computer.
When users are downloading software to their computer, they could be downloading a Trojan that can get into their system and allow hackers to collect information about them to send to advertisers, marketing companies or use for other sinister purposes.
The more common Trojans are set to execute when a specific date or event takes place. They then execute whatever function the hacker has programmed them for.
Trojans are often found in freeware or shareware software programs and are very difficult to detect until they perform their programmed function.
Anytime you download freeware or shareware, you take the risk of getting one into your system.
Always try to make sure that the software programs you download are from reliable sources and that you really need what you are getting for “free”.
There are a lot of great free software programs out there that are Trojan free, but the final decision on whether or not to take the risk is up to you.
Virus Attacks are the most common and most feared of all hacker attacks.
The term virus is well known online as it pertains to “viral” videos, e-books, etc., and as the term implies, it functions exactly like its biological counterparts.
The primary function of a virus is replication, and it is usually spread by email.
Once an email is opened, the virus replicates itself on that computer and spreads from one computer system to another very rapidly.
Viruses spread themselves often in an attempt to attack and destroy the host system.
Fortunately, most new computers already have antivirus software and firewalls installed on them. As long as you keep the software definitions up to date and perform regular scans on your computer, most viruses will be kept at bay.
Worms are like viruses but perform a different function: they slowly suck the resources from larger computer systems (mainframes of larger corporations), gather data and filter it back to the hacker who created the worm.
They operate like a parasitic tapeworm in a human being and do nothing but continue to eat up resources until they overload the host’s computer and it ceases to operate.
Worms replicate as frequently as possible and are usually targeted to specific types of PC systems, e.g. Apple computers running OS X, PCs running Windows Vista, etc.
When the worm enters the system it has targeted, it begins to quietly eat its resources until the operating system becomes overloaded and stops functioning altogether.
Website Attacks by creators of malicious websites are another form of hacking attack that needs mentioning.
These malicious websites use known security holes in various technologies to trigger your web browser to do certain things to your system.
Holes in JavaScript, Java, ActiveX, etc. can be used by hackers to usurp your web browser to give away your email address, send emails to anyone, upload folders or directories from your hard drive to a web directory, email files or folders from your computer to other parties, use your email for a spam list, etc.
You can protect yourself from most malicious website attacks by using the most current version of whatever browser you are using and installing updates, fixes or patches when they become available.
When it comes to website hacking, it always pays to know your enemy.
Although you can’t stop your website from being hacked, you can substantially reduce the vulnerability of your site to malicious hacker attacks.
Since most hackers target websites with vulnerabilities such as weak passwords, out of date third party applications, old anti-virus software or software that is out of date, you can stop your website from being hacked just by being proactive and implementing some basic preventive measures.
Most website owners fail to recognize the fact that it only takes a few simple steps to provide a higher level of security for their websites.
These easy to follow steps require NO special software or programming knowledge to implement and are general enough to stop your website from being hacked regardless of its type or size.
Although NO level of security is 100% effective, here are some things you need to know to stop your website from being hacked.
Protect your admin panel, FTP account and email accounts with secure passwords.
Create the most difficult password possible, using combinations of upper and lower case letters, numbers and symbols that are at least 8 characters long.
The more obscure and complex you can make your password, the more difficult it is for a hacker to access.
Older versions of blog content management software are usually insecure, so keep your software up to date.
Hackers target older versions of WordPress, Joomla, PhpBB, SMF, and other types of software to exploit their security vulnerabilities.
It is extremely important to make sure that the software you installed on your own is updated to the latest version as soon as updates become available.
In most cases, you can subscribe or sign up to a mailing list for the software you installed and you will immediately be notified when new security updates or new versions of the software are released.
Software and web applications that are out of date are the primary reason why websites are easily compromised.
- Start Using Encrypted Services Whenever Possible
Start using encrypted services like SFTP in lieu of FTP for more reliable file transfer and management.
Host your webmail application on an SSL enabled port and use SSL encryption for anything that needs a username and password.
Make sure you configure encrypted connections in your mail server when sending emails from a remote machine to your server.
- Minimize the use of third party add-ons and scripts unless they are secure
Before you upload and install a new plug-in, widget, or other module to your WordPress site, read the reviews on it and think about if you really need it.
Over 70% of hacker attacks are caused by insecure plug-ins and scripts written by mostly unknown developers. If you haven’t yet researched the code and you didn’t write the code yourself, do yourself a favor and don’t install it on your website.
- Backup Your Data On A Regular Basis
Never rely on your web host to keep backups for you. Start making your own backups if you don’t already do so and save them on an external hard drive, flash drive, DVD, tape system, iPhone or MP3 player.
Whenever possible, you should never let your visitors know that your site was hacked.
By changing the server password or even your server, and then immediately uploading a backup of your website, you can be online and functional within a very short period of time.
- Make Sure You Have A Good Hosting Company
Having a reliable hosting company can help stop your website from being hacked. Reliable web hosting providers are the first and best line of defense against a potential hack attack.
At a minimum, your hosting provider should do their best to help protect your websites from being hacked by providing hardware and software firewalls, using the latest up to date versions of Apache, PHP or other software and by providing excellent customer service if and when your site does get hacked.
All web hosting companies protect their servers and your website to some degree; however, a hacked website doesn’t mean that they are exclusively to blame.
A hacked site means that there is some form of vulnerability in the content of your web site and that there is a good possibility that it could be your own fault.
It could be as simple as having an easy to crack password or a bug in your script.
You as the website owner can stop your website from being hacked by being aware of the general protection and security issues such as creating secure passwords, changing them on a regular basis, running virus scans, clearing your browser history, safeguarding your data with routine backups and maintenance, etc.
You can be sure that just as the sun comes up tomorrow morning, hacking will be with us till the end of the computer age.
But by following the simple steps outlined above and taking some of these precautions you can stop your website from being hacked or at the least, decrease the risk.
The importance of changing passwords after being hacked cannot be overemphasized.
It is likely that when your web site was hacked, the intruder either changed or usurped one or more of your passwords.
Once you regain access and control of your website, notify your web host and have them change your passwords, or do it yourself.
Your user name can be changed by the web host and the FTP password for the site can be changed by you from the cPanel of your web host.
This needs to be done to prevent any possibility of a server wide vulnerability.
If you are using FileZilla or a similar program, make sure you change the passwords for all websites that could have been accessed by the hacker.
If you are running a WordPress or Joomla site, the next thing you need to do after you restore your files from a CLEAN backup is change your login password and update to the latest version of your site.
A word about backups.
If you don’t perform regular backups to your site, start doing them immediately.
If you don’t have a backup for your site, contact your web host and ask them if they are able to retrieve an up to date version of your hacked site.
Normally, most web hosts routinely backup entire systems and will probably have a more up to date version of your site available.
The next password you need to change is your SQL database password.
Do this AFTER you change your FTP password.
If the hacker retains control of your FTP password and you change your database password, it’s a simple matter for them to open your config files, where the database credentials are stored in plain text, and read or change them, as you can see from the sample below.
```php
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name_here');
/** MySQL database username */
define('DB_USER', 'username_here');
/** MySQL database password */
define('DB_PASSWORD', 'password_here');
/** MySQL hostname */
define('DB_HOST', 'localhost');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');
/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');
```
When you change your database password in your wp-config.php file, make sure you assign “secret” unique phrases and place them in the appropriate areas.
```php
/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');
/**#@-*/
```
Changing these values invalidates all existing cookies and forces all users to log in again.
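The key and salt rotation described above can be done locally instead of by hand. The following is an added example, not part of the original article or of WordPress itself: it flags constants still set to the sample placeholders and replaces all eight keys and salts with values from the operating system's random generator. The function names, the 64-character length and the sample config fragment are assumptions made for illustration.

```python
import re
import secrets
import string

# The eight constants from the "Authentication Unique Keys and Salts" block.
SALT_NAMES = {
    "AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
    "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT",
}
# Sample values from the stock config that must never reach a live site.
PLACEHOLDERS = {"put your unique phrase here", "password_here",
                "username_here", "database_name_here"}
# Printable ASCII minus quotes and backslash, so values need no PHP escaping.
ALPHABET = "".join(c for c in string.ascii_letters + string.digits
                   + string.punctuation if c not in "'\"\\")
# Matches define('NAME', 'value'); written with straight single quotes.
DEFINE_RE = re.compile(r"define\(\s*'(?P<name>[A-Z_]+)'\s*,\s*'(?P<value>[^']*)'\s*\)\s*;")

def new_secret(length=64):
    """Return a random string drawn from the OS CSPRNG (length is an assumed default)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def find_placeholders(config_text):
    """Names of constants that still hold a sample placeholder value."""
    return [m["name"] for m in DEFINE_RE.finditer(config_text)
            if m["value"] in PLACEHOLDERS]

def rotate_salts(config_text):
    """Return config_text with every key/salt replaced; other defines are untouched."""
    def swap(m):
        if m["name"] in SALT_NAMES:
            return "define('%s', '%s');" % (m["name"], new_secret())
        return m.group(0)
    return DEFINE_RE.sub(swap, config_text)

# Constructed sample: a fragment of a wp-config.php, not a real site's file.
SAMPLE = """\
define('DB_NAME', 'shop_db');
define('DB_PASSWORD', 'password_here');
define('AUTH_KEY', 'put your unique phrase here');
define('NONCE_SALT', 'old-value-known-to-the-intruder');
"""

if __name__ == "__main__":
    print("still placeholders:", find_placeholders(SAMPLE))
    print(rotate_salts(SAMPLE))
```

Run it against a copy of the file restored from the clean backup, then upload the result only after the FTP password has been changed.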
The importance of changing passwords after being hacked is not limited to just the above passwords.
There is an excellent probability that the hacker also obtained active email passwords from your website or computer.
Use a good anti-malware program like Malwarebytes to run a virus scan on any computers that you used to view your hacked site.
Run a thorough malware virus scan on all disks, including all portable storage devices that were attached to your computer.
Once your scan has been completed and any Trojans or viruses have been deleted or quarantined, go back and change your FTP, SQL database and WordPress or Joomla passwords again.
Use secure passwords of at least 15 characters and include % ^ @ # * ( : + ] } along with numbers and capitalized letters.
Keep a record on a portable flash drive, not in a file on your computer labeled Passwords.
It’s a good idea to change every password you have saved on your computer, just to be safe.
I was recently contacted by eBay and had my site shut down for purchases that were never made.
The individual who hacked my site used my email password to access my eBay account and bid up several thousand dollars’ worth of auctions without my knowledge.
Again, the importance of changing passwords after being hacked cannot be overemphasized!
It is very important that you pinpoint exactly how the hacker got into your system.
You can check the change logs and your access logs for vulnerabilities or to see if there has been any suspicious activity.
If you’re not up on how to do this, contact your web host for assistance or hire someone who can.
There could be a back door to your system that only a paid “techie” can find.
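A first pass over the access log, as suggested above, can be scripted. This is an added example, not from the original article: it assumes the Apache/nginx "combined" log format and a WordPress site, and flags two patterns worth a closer look, many POSTs to the login page from one address and requests for PHP files under the uploads directory, where only media should live. The threshold, function name and log lines are constructed for illustration.

```python
import re
from collections import Counter

# Apache/nginx "combined" format (assumed; adjust if your host logs differently).
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+')

LOGIN_PATH = "/wp-login.php"             # WordPress login form
UPLOADS_PREFIX = "/wp-content/uploads/"  # should serve media, not scripts
LOGIN_THRESHOLD = 5                      # assumed value; tune to your traffic

def triage(lines, login_threshold=LOGIN_THRESHOLD):
    """Return (IPs with many login POSTs, PHP requests under uploads, unparsed line count)."""
    login_posts = Counter()
    upload_php = []
    unparsed = 0
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            unparsed += 1  # keep count so damaged or unusual lines are not silently lost
            continue
        path = m["path"].split("?", 1)[0]  # ignore the query string
        if m["method"] == "POST" and path == LOGIN_PATH:
            login_posts[m["ip"]] += 1
        if path.startswith(UPLOADS_PREFIX) and path.lower().endswith(".php"):
            upload_php.append((m["ip"], m["ts"], path, int(m["status"])))
    noisy = {ip: n for ip, n in login_posts.items() if n >= login_threshold}
    return noisy, upload_php, unparsed

# Constructed log lines using documentation-only IP ranges.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Mar/2024:02:11:0%d +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0"' % i
    for i in range(6)
] + [
    '192.0.2.10 - - [10/Mar/2024:09:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [10/Mar/2024:09:00:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.44 - - [10/Mar/2024:03:30:12 +0000] "POST /wp-content/uploads/2024/03/img.php?x=1 HTTP/1.1" 200 17 "-" "-"',
    'garbage line',
]

if __name__ == "__main__":
    noisy, uploads, unparsed = triage(SAMPLE_LOG)
    print("repeated login POSTs:", noisy)
    print("PHP requested under uploads:", uploads)
    print("unparsed lines:", unparsed)
```

A hit in the second list with a 200 status means a script in the uploads directory actually ran; compare that file against the clean backup before restoring.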
For Website malware removal, Sucuri is hard to beat.
They provide exceptionally fast Web site malware removal and will monitor your site to flag and help prevent secondary infections at a reasonable price.
Although the importance of changing passwords after being hacked cannot be overemphasized, when you protect your sites with Sucuri, you can rest easy knowing that you won’t lose everything you worked so hard to create.