Just a follow up to my last post to say I found the weakness and cause of problems with my websites that got hacked. Turned out to be a weak password.

I had deleted the whole site and was rebuilding, then checked what I’d uploaded after a few days and found the same hacked code (containing Russian website). After wondering what to do for a while I remembered the advice (that I’d previously ignored!) to use a good strong password. I’d ignored it because I’m not good at remembering passwords and had meant to organise myself to change and write down the passwords somewhere but hadn’t.

I went in to CPanel and changed the password (this time instead of saying 50% strength it said 100%, I used capitals, small letters, underscore, numbers etc and longer). Having changed the password I deleted just the index.html and index.php pages the hacking had taken place on, and uploaded the originals from my computer.

I have been checking every few days since and is now ok.

The hacking would have been done with an automated script and a weak password allows something like that to manage to find out passwords (so I understand, not an expert myself, yet).

So my best advice is to use a very strong password, write it down (not on your computer, use good old fashioned pen and ink!) and additionally change it regularly.

I will be researching all this and writing a thorough report on it.

Hope this helps others.

Dave
p.s. There is also the issue of viruses/spam on your own computers, with that my advice is to ensure you have the very latest version of whatever virus protection you use. They are constantly finding new viruses and new ways of detecting them and just downloading updates on an older version isn’t enough anymore (as I recently found out myself).

Long time since my last post, and the reason for that is partly to do with this post. Website security was something I was always going to get round to looking at later. I had lots of various websites which I’d put up because it was easy to do, and then I got distracted by other things and never quite got round to looking into securing the sites from intrusions by hackers etc.

Well now I have to as a whole string of sites on one server has been hacked or has ended up with dodgy links put in by others. Not too much of a problem as they aren’t earning lots of cash but will take a bit of work to sort out.

However I intend to use this as a chance to spring clean and organise things better as well as learning more about website security. Incidently it was a notice from Google which alerted me and there was a very helpful link to a site which can help, called ‘Stop Badware’

Stop Badware

If you encounter any problems yourself, or even if you don’t yet, it’s well worth having a look at this site as it may help you avoid problems in the future.

When I have gained more knowledge on this myself in the process of sorting my sites out I’ll write a report on it and post a link or something as it’s something everyone needs to think about these days.

Well, back to my overdue ebook……
Plus my website security…..
Plus my day job….
Not forgetting the football!

Good luck and success

Dave Smith