In this article we will discuss why hackers hack websites and how they would do it.
From time to time me and my colleagues receive support tickets from our clients regarding hacking activity on their sites. Most of our clients claims that their sites have a virus or malicious code. Furthermore, the site owners becomes concerned that their sites appears in the Google blacklist. If you are in the same situation, no worries, but please read this post completely to understand the situation better.
Why is my site being hacked?
This probably is the first question which you may ask yourself. Let me tell you just several reasons why hackers hack your sites/accounts:
– They may want to send SPAM from your hosting account
– They may want to steal the traffic from your site (using redirect or other tricks)
– They may want to place their hidden link or visible popup banners on your site
– They may want to distribute virus using your site, having long term plans (controllable DDOS attacks etc.)
It’s not a complete list. It’s only popular reasons why the hackers hack as much as they can.
What should I do if my site has been hacked?
If you found a Google warning message on your site or you simply think that your site is infected, then feel free to contact your hosting company for help. However please note that in most cases the hosting provider can’t help the client to resolve the problem in root mostly because it usually happens due to different vulnerabilities on the client side.
Here is what a hosting provider can do for you if you have been hacked:
– The hosting provider may check the server logs and give you advice on how to prevent the hacking activity
– The hosting provider may help you to restore your site or account if needed
– The hosting provider probably can help you to clean the site
– Probably few other options depending on the TOS and SLA.
But the above assistance will be temporary or even useless if the root of the problem still remains.
How to determine the root of the problem and avoid hacking attempts in the future?
After you have restored your site to normal functional order, from that moment, you main role is to understand what appropriate steps to apply in order to prevent the hacker’s activity in advance.
In most cases, the successful hacking attempts happen because of a few reasons:
1.Virus. Your computer might be infected with Trojan or Virus program which can extract the login and password from your account and send it to the hackers. This is a very popular way to steal the account access and hack your sites or whole account.
2. Software vulnerability. Your website might have a different vulnerability which can be used by hackers. For example poorly written PHP code might allow to do a SQL injection or other unauthorized actions over the site.
So in order to prevent the hacker’s activity, you will probably need to start securing your computer. This can easily be done by installing Anti-Virus and Anti-Malware software. After the software is installed, make a full scan of your computer. Then it would be good to change the password to your hosting control panel and FTP accounts if they exist.
If a Virus or Trojan is not your case and you are absolutely sure that your computer is well protected and your hosting company didn’t find any traces of unauthorized access to your account, then you may need to check your scripts for vulnerabilities.
I hope the above easy steps should help you to eliminate the reason of hacker’s activity. Overall, I hope that this article has shown what method hackers normally use to hack your sites/account and how this can be prevented in most cases. In the next article I will share the details about very easy but effective way on how to increase the protection of your hosting account on the side of the server even if your computer is compromised.
This article is already available. Please find more her: What is .ftpaccess? And, how it can help to secure your hosting account?