In March 2016, Google reported that over 50 million websites had been hacked, a statistic that is evidently growing. If your website is hacked it could severely hurt your rankings, so acting fast is key. As a website owner, figuring out what to do next is your biggest headache. This guide will help you understand why hacking happens and the ways in which you can prevent it. It's more common than you think…
Many websites online are built using four key content management systems: WordPress, Drupal, Joomla! and Magento. WordPress is the market leader, dominating 60% of the market share. Therefore, for the purpose of this article we will focus on WordPress, although much of the information will still apply to the other CMSs.
Quite often website owners underestimate the importance of securing their website, seeing themselves as an unlikely target to be hacked. However, websites can be hacked simply because they are seen as vulnerable: some low-level hackers use software that hacks masses of sites automatically. When this does happen many feel that it's a personal attack against their business and wonder what hackers achieve from the malicious act.
Websites become visible targets to hackers through automated scripts. Similar to how search engines crawl your website to index content, hackers use bots ("black bots") to identify vulnerabilities.
As an ecommerce website you will have a number of users typically making transactions online; hackers see this as an opportunity to target financial information, e.g. credit card details.
This form of hacking can be very lucrative: hackers place redirects or links on your site to generate affiliate revenue, and these are not always visible.
They look to access your server so they can send out thousands of spam emails, which will quickly get your site and server blacklisted, increase your usage bills or even get your site shut down. They may also build a network off your server using botnets, interconnected systems across the net that are used to attack other websites with brute-force password attempts.
They may infect visitors' computers with malware such as viruses, keyloggers or other malicious software to capture information. Viruses can destroy or infect information on your device, including data on external storage. They can also take control of your device and use it to attack others. Keyloggers are software that monitors user activity: they let hackers see every keystroke users have typed, allowing them to retrieve information such as email addresses, passwords and credit card details.
Hackers often upload backdoors to your website so that they can upload files to your webspace. They sometimes make these public, meaning anyone can visit a URL and also upload files to your webspace. This creates a slave server similar to the bots mentioned above.
As mentioned above, WordPress dominates the market, making it the most popular CMS and website building software. This is generally down to its user-friendly interface, plethora of features and simple code, which makes it easier for search engines to index content.
In our experience, many hosting companies do not keep their clients' version of WordPress updated. This heightens the vulnerability of the site and therefore makes you an easier target for hacking. WordPress updates its core software regularly, and these updates are becoming more frequent.
WordPress code is open source, meaning hackers have free rein to access the code base and identify any vulnerabilities, which is also the case with most plugins and themes.
We recently identified a hack that infected thousands of websites. Additional pages were built on every website that linked to a network of other sites; these pages contained links to a Canadian pharmaceutical website.
The pages created by the hackers were not in the content management system, nor were the links visible on the site or in Google Search Console (previously Google Webmaster Tools). The only way to identify whether a site had been hacked was to research the site's backlink profile in Majestic.com or to type the search command "site:www.domain.com Viagra". This lists all the pages on the site containing the word Viagra, revealing the hacked pages.
Does this sound familiar to you?
Give us a call on 0121 667 8785 and we can help/advise you.
Hacking can impact your business in the following ways:
As soon as Google identifies that your site has been hacked it will stop ranking your website in search results, resulting in a huge loss of rankings and traffic to your site. Regaining those ranking positions depends heavily on how long your site is down.
Although being hacked is out of your control, it can cause users to perceive you in a bad light. This can happen when your hack involves links or redirects being placed on your site to inappropriate websites.
Many companies are now integrating their websites with internal accounting systems. In this situation a hacker who exploits your website may well have an open door into your internal accounting system.
Some hacks have the ability to remove files and database entries, resulting in your site being destroyed. This may even be unrecoverable if you have no backups. This emphasises the importance of a reliable hosting company who will invest time in making updates and creating daily backups.
Different circumstances call for different solutions; below are some basic actions to consider:
Invest in a quality hosting provider who will create daily backups of your website, scan for any unusual activity, avoid shared servers and ensure your CMS version is updated. Being on a really old version can break your site when you come to update to the most current version, so it is important to apply updates regularly.
Themes and plugins should be updated regularly to reduce the risk of being hacked. Especially when adding new plugins, it is important to check that these are trusted, as the code could be insecure, leaving you open to vulnerabilities.
Limit login attempts – there are plugins available that will block an IP address after 3 failed login attempts.
Two-step authentication – you can add an authentication stage after the user tries to log in, confirmed by a message or call.
Whitelist IP addresses – only users coming from these addresses will be able to access the login page.
Web-based password generators – never use these unless the generator belongs to the server that is producing the passwords.
Frequently change passwords – hackers can run scripts that input random passwords until one fits. Create a strong one using a mix of upper and lower case letters with symbols, and be careful who you give those details to. Store passwords in a secure place, e.g. LastPass.
Add SALTs to wp-config.php – random lines of text that make it harder to crack.
Set a unique table prefix rather than the default wp_posts.
Remove the version meta tag.
Set correct file permissions.
Disable the plugin and theme editor – this means code can only be changed with FTP access.
Turn off PHP error reporting: if a plugin or theme displays an error, the message can contain information about your directories and file system – add code to disable it.
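The following is an added example, not code from the original article, showing how several of the items above are applied in practice: a wp-config.php fragment (unique table prefix, unique keys and salts, editor disabled, PHP errors hidden) and a must-use plugin that removes the version meta tag. The prefix and salt values are placeholders to replace with your own random strings, and the permission values in the comments are the commonly recommended ones rather than something the article specifies.

```php
<?php
// ---- Part 1: additions to wp-config.php (added example, placeholder values) ----

// Unique table prefix instead of the default wp_ (letters, digits and underscore only).
// On an existing site the database tables must be renamed to match the new prefix.
$table_prefix = 'k7q2_';

// Unique keys and salts: replace every placeholder with a fresh random string, e.g. from
// https://api.wordpress.org/secret-key/1.1/salt/ . Changing them logs all users out.
define('AUTH_KEY',         'PLACEHOLDER_REPLACE_WITH_RANDOM_STRING');
define('SECURE_AUTH_KEY',  'PLACEHOLDER_REPLACE_WITH_RANDOM_STRING');
define('LOGGED_IN_KEY',    'PLACEHOLDER_REPLACE_WITH_RANDOM_STRING');
define('NONCE_KEY',        'PLACEHOLDER_REPLACE_WITH_RANDOM_STRING');
define('AUTH_SALT',        'PLACEHOLDER_REPLACE_WITH_RANDOM_STRING');
define('SECURE_AUTH_SALT', 'PLACEHOLDER_REPLACE_WITH_RANDOM_STRING');
define('LOGGED_IN_SALT',   'PLACEHOLDER_REPLACE_WITH_RANDOM_STRING');
define('NONCE_SALT',       'PLACEHOLDER_REPLACE_WITH_RANDOM_STRING');

// Disable the built-in plugin/theme editor so code can only be changed over (S)FTP.
define('DISALLOW_FILE_EDIT', true);

// Never show PHP errors (which can reveal paths and directory names) to visitors.
// WP_DEBUG_DISPLAY only takes effect while WP_DEBUG is true, so display_errors is
// also switched off directly for the case where a plugin or theme triggers a notice.
define('WP_DEBUG', false);
define('WP_DEBUG_DISPLAY', false);
@ini_set('display_errors', 0);

// File permissions are set on the server, not here. Commonly recommended values
// (assumption, not from the article): directories 755, files 644, wp-config.php 600.

// ---- Part 2: wp-content/mu-plugins/remove-version.php (added example) ----
// Files in mu-plugins load automatically and cannot be deactivated from the admin UI.

// Drop <meta name="generator" content="WordPress x.y"> from the page head.
remove_action('wp_head', 'wp_generator');
// Also blank the version string WordPress adds to RSS/Atom feeds.
add_filter('the_generator', '__return_empty_string');
```

The two parts belong in two separate files; they are shown together only so the settings can be read side by side.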