Most good computer software can run nearly autonomously and only requires being updated once every few years or so. The same can’t be said for even the greatest website software. Whether the site was built from scratch or uses a popular framework it’s exposure to the web means that it is under constant attack. Hackers use automated tools scan many thousands of sites every day for un-patched exploitable issues and for weak passwords. Once they find what they’re looking for, they’re typically interested in one of a few things:
- Hosting their own web content on your dime
- Stealing your personal information (or your clients)
- Defacing your website
- Using your server to infect other machines
Many hackers will try to remain undetected and you may have every reason to believe that your site is perfectly functional. That is, until your web-host contacts you about excessive bandwidth, or search engines like Google start to notice that you’re hosting malware on pages. The trouble is that content can exist on your site without you knowing it, and it’s often reached by links on sites in other countries – not by your own menus.
So what does one do to keep from getting hacked?
The usual IT solution; maintenance and monitoring. A web site gets a lot of attention while it’s being built, but is often neglected (some times for years) afterwards. Exploits are constantly being discovered and patched for all of your common web technologies: WordPress, Evoq, DNN, .Net, node.js, PHP, Apache, MySQL, MSSQL, Apache, IIS, the list goes on. Your website is made of a combination of some of these technologies and all of them need to be kept current on patches. Lanier Apps uses premium web host services to ensure that all software is patched and all sites are backed up – daily.
Some times an exploit can be found in web pages that your business developed on its own – and are therefor unique to your business and so patches are not freely available. To address that possibility, Lanier Apps subscribes each of our hosted sites to malware and exploit scanning services and reports on the site’s status weekly.
We were hacked, now what?
The next step is straightforward, though it may be time consuming. You’l have to take the site offline until you have it sorted out. It’s not enough just to clean out the hacker’s files you need to figure out how they got in and one important bit of info:
Were they only able to upload files, or were they able to execute commands?
If the hacker was able to execute commands, it may be impossible to know if they opened other back doors into your system. (It’s usually the first thing they do, if they can.) So if you see that they did, or if you can’t determine if they did or didn’t, it’s time to scrub the site and bring it back online on a new host.
Finally, once you have everything cleared up, you can reach out to the search engines to rescan your site and remove the “This site may be hacked” or “This site contains files that may harm your computer” message that was shown by your site. Google provide those steps here: https://www.google.com/webmasters/hacked/.
Happy, safe web hosting!