Posted on August 9, 2015

My Website Has Been Compromised. How did It Get Hacked? Are Your Servers Secure?

malware_screen

Ritualistically, we are asked on how secure our servers are. It is completely understandable that when you are putting your trust and faith in us to manage the servers your websites and sensitive data are hosted on are as secure as it can be made. Without giving away any of our trade secrets, we can confidently say that we keep our servers as secure as Fort Knox.

When your online store gets hacked, you don’t want to have to deal with the embarrassment of having a big black eye with Google, or possibly having to inform any of your customers that their information you have stored could have been compromised. Not to mention the lost sales when your site is down, and the time and effort you are putting in to dealing with this and not your business itself and making money.

Most often people are not aware that the biggest boogey man that can cause their website to be compromised is actually nothing related to the server itself, but the applications that run on it. In this day and age, CMS (Content Management Systems) like WordPress, Joomla, and Magento are some of the most commonly used applications out there. Those that are out to wreak havoc on your website look to find the biggest bang for their buck by finding exploits in any of these.

On a daily basis, updates to WordPress, Joomla, and Magento are coming out, and the various themes and plugins associated with them to close these security vulnerabilities. The rapid speed that the hacker can pass along their malicious code and inject them in to your website is magnified by the fact that it isn’t one person trying website after website, but that they employ bots to do their dirty work. These bots spend their time crawling the internet to look for these vulnerabilities that they are attempting to target. As an example, back in December of 2014, the security team at Sucuri discovered more than 100,000 WordPress sites were hit with the SoakSoak.ru malware campaign, resulting in more than 11,000 domains being blacklisted by Google.

The whole purpose of malware is to simply use your website to then carry out the tasks of sending spam, setting up phishing sites, or spreading more malware or any other malicious activity. What’s even more problematic is that they will often leave back doors for them to get back in once you believe you’ve cleaned up the site, and will only again be dealing with the website being compromised.

Another common issue is that like many of our clients do, you will host multiple websites on the same cPanel account. From a cost effectiveness point of view, this can be a great thing but what this means is that your one website that has become compromised means that any other website on that same account can easily be brought down with it, meaning you could be dealing with a whole other mess on your hands.

The best defense of keeping your websites free of this whole nightmare is by being proactive is keeping your scripts up to date. Whenever you receive a notice that a new version is available, don’t sit on it and wait for another day. Update your scripts, including those of any and all plugins and themes on a constant basis to the most current version available. These updates are generally released in reaction to information that there are security vulnerabilities out in the wild. Any if you have any old applications laying around, get rid of anything you aren’t using because that could be your weakest link.

So in short, update, update, and update your applications when newer version are released. The best defense is always a good offense.

Leave a Reply

Your email address will not be published. Required fields are marked *

Trusted by Clients Across All Industries

Don’t take our word for it - let our happy clients do the talking. See More

Full Host did an amazing job of migrating my site seamlessly onto their server. My only regret was not switching my site over to them sooner. Now it is performing great, images are uploading way faster than ever before.

" Vancouver Sofa and Patio - Jerry Schmidt

Two thumbs up for Fullhost! Agents reply to me fairly quickly or at least let me know they received the ticket and are looking into it. Kudos to the support team as they have always given me exactly what I need without delays.

" Universal Staffing Inc. - Anthony Calvano

FullHost is an absolute pleasure to work with, and their customer service is exceptional. Whenever I have questions or need adjustments, they are there to help, quickly, efficiently, with answers and insights.

" Mooseworld Inc. Norine Leibel

The Fullhost team was a huge help in getting the website moved over and set up in a way in which we could correct the technical issues. They were quick, helpful and technically knowledgeable.

" Canadian Sport Institute Pacific Noah Wheelock

Our organization Has been working with FullHost for a couple of years now, and we have been thrilled with the service.

" Canadian Centre for International Justice / Philippe Kirsch Institute Pearl Eliadis

Exceptional is the word when it comes to FullHost. I started my own business and in the jungle of applications, licenses and registrations, FullHost had my back.

" Statsmen Matthias Bass

The customer service and support staff that I have dealt with have all been great. The move from my previous host was smooth thanks to the support staff at Full Host who moved my files over.

" Moose Web Design - Michelle Nortje

With coast to coast coverage,
We help you serve the world.

Whether your audience is located in Europe, Asia, Africa, or Australia, provide them with lightening speed!

FullHost's data centers are located in Toronto and Vancouver to ensure worldwide quality and speed.

Get in Touch
We Trust Only The Best Tech to Support You

FullHost operates with the most innovative technology to bring you unparalleled levels of hosting services.