Website Security – fixed the problem
Hello,
Just a follow up to my last post to say I found the weakness and cause of problems with my websites that got hacked. Turned out to be a weak password.
I had deleted the whole site and was rebuilding, then checked what I’d uploaded after a few days and found the same hacked code (containing Russian website). After wondering what to do for a while I remembered the advice (that I’d previously ignored!) to use a good strong password. I’d ignored it because I’m not good at remembering passwords and had meant to organise myself to change and write down the passwords somewhere but hadn’t.
I went in to CPanel and changed the password (this time instead of saying 50% strength it said 100%, I used capitals, small letters, underscore, numbers etc and longer). Having changed the password I deleted just the index.html and index.php pages the hacking had taken place on, and uploaded the originals from my computer.
I have been checking every few days since and is now ok.
The hacking would have been done with an automated script and a weak password allows something like that to manage to find out passwords (so I understand, not an expert myself, yet).
So my best advice is to use a very strong password, write it down (not on your computer, use good old fashioned pen and ink!) and additionally change it regularly.
I will be researching all this and writing a thorough report on it.
Hope this helps others.
Dave
p.s. There is also the issue of viruses/spam on your own computers, with that my advice is to ensure you have the very latest version of whatever virus protection you use. They are constantly finding new viruses and new ways of detecting them and just downloading updates on an older version isn’t enough anymore (as I recently found out myself).
Congratulations on resolving your issue, Dave.
What a great opportunity it’s presented to you for a report.
I suspect this will be in great demand once you have completed it. I’m certainly interested!
Take care
John
Thanks John,
I’ll try to get the report out soon.
Regards
Dave
Hi Dave,
I finally got my computer back from a week in the shop! It was riddled with viruses. As far as I am aware my website is still fine and according to the tech shop and D9 there is no code. Instead I was just riddled with adaware all over the place.
Looking forward to reading your report. Maybe create some how to videos to on how to check the code and what to look for etc. I think that would be an awesome product to create and sell. There is heaps of info out there on blog creation and product creation etc, but bugger all on blog security and what to look for and what to do if something happens.
Will be back here soon.
Jacinta
Glad you got your computer sorted Jacinta, and yes this has given me food for thought on a thorough report and videos. In learning how to deal with my own problems it would be great to help everyone else too. I left looking into this for too long and guess many others will be like me.
Will let you know as soon as I’ve got something ready.
Regards
Dave
Hello Dave, I’m glad that you’ve got the problem sorted out mate, and “Thanks” for bringing it to our attention.
I’m like you were Dave, weak passwords as they’re easy to remember. I’ll be changing that now though.
Also thanks again for all the help with camstudio, it now works like a dream and your help saved me buying the $300 version, so when i say “Thanks” i really mean it mate.
Pop over to my blog and you’ll see the 3 videos that i’ve just put together, with your help.
Take care Dave, if ever i can offer you the same help just ask mate.
Respect and Regards, Barry
Thanks Barry, I’m really glad it helped and that Camstudio is working well, will also give me more confidence in using it.
Cheers
Dave