My Website Has Been Compromised. How did It Get Hacked? Are Your Servers Secure? - FullHost ®

My Website Has Been Compromised. How did It Get Hacked? Are Your Servers Secure?

malware_screen

Ritualistically, we are asked on how secure our servers are. It is completely understandable that when you are putting your trust and faith in us to manage the servers your websites and sensitive data are hosted on are as secure as it can be made. Without giving away any of our trade secrets, we can confidently say that we keep our servers as secure as Fort Knox.

When your online store gets hacked, you don’t want to have to deal with the embarrassment of having a big black eye with Google, or possibly having to inform any of your customers that their information you have stored could have been compromised. Not to mention the lost sales when your site is down, and the time and effort you are putting in to dealing with this and not your business itself and making money.

Most often people are not aware that the biggest boogey man that can cause their website to be compromised is actually nothing related to the server itself, but the applications that run on it. In this day and age, CMS (Content Management Systems) like WordPress, Joomla, and Magento are some of the most commonly used applications out there. Those that are out to wreak havoc on your website look to find the biggest bang for their buck by finding exploits in any of these.

On a daily basis, updates to WordPress, Joomla, and Magento are coming out, and the various themes and plugins associated with them to close these security vulnerabilities. The rapid speed that the hacker can pass along their malicious code and inject them in to your website is magnified by the fact that it isn’t one person trying website after website, but that they employ bots to do their dirty work. These bots spend their time crawling the internet to look for these vulnerabilities that they are attempting to target. As an example, back in December of 2014, the security team at Sucuri discovered more than 100,000 WordPress sites were hit with the SoakSoak.ru malware campaign, resulting in more than 11,000 domains being blacklisted by Google.

The whole purpose of malware is to simply use your website to then carry out the tasks of sending spam, setting up phishing sites, or spreading more malware or any other malicious activity. What’s even more problematic is that they will often leave back doors for them to get back in once you believe you’ve cleaned up the site, and will only again be dealing with the website being compromised.

Another common issue is that like many of our clients do, you will host multiple websites on the same cPanel account. From a cost effectiveness point of view, this can be a great thing but what this means is that your one website that has become compromised means that any other website on that same account can easily be brought down with it, meaning you could be dealing with a whole other mess on your hands.

The best defense of keeping your websites free of this whole nightmare is by being proactive is keeping your scripts up to date. Whenever you receive a notice that a new version is available, don’t sit on it and wait for another day. Update your scripts, including those of any and all plugins and themes on a constant basis to the most current version available. These updates are generally released in reaction to information that there are security vulnerabilities out in the wild. Any if you have any old applications laying around, get rid of anything you aren’t using because that could be your weakest link.

So in short, update, update, and update your applications when newer version are released. The best defense is always a good offense.

Posted in Security and Vulnerabilities

Leave a Reply

Your email address will not be published. Required fields are marked *

*