It is a sad fact that 85% of all malware that infects personal computers comes from the Web. Hackers are busier than ever–more than 30,000 websites are infected by some type of malware every day.
While individuals can protect themselves by installing anti-virus software on their computers, there are also effective strategies that website owners can employ to prevent their sites from being hacked.
Most of the hack attempts that I see are from web robots looking for vulnerabilities. They are looking for poorly protected sites, and once they find them, they will inject malicious code. Now comes the interesting part.
Why would anyone want to hack my little website?
The vast majority of hacks I have dealt with are attempts to use websites to promote other websites. These fall into the category of “Black Hat SEO” techniques to generate backlinks to their sites. (See my article on Search Engine Optimization, or SEO.) These hackers don’t care who you are; they just want to generate links to certain websites, and thereby gain (hopefully) higher ranking in search results. The problem with this is that search engines like Google are not fooled for very long (think hours); they can detect these hacks and actually ban your hacked site from their search results!
So, what can I do?
Hackers love Joomla, WordPress, Drupal and other content management system (CMS) sites. Once they have access to these sites, they can upload malicious code, and if they have any skills at all, the site owner won’t even notice! But search engines do. It’s easy to check; simply enter the name of your website in Google, Bing, Yahoo or others and look at the results page. If you see odd references to Cialis, Viagra, or other things that don’t belong, then that is one indicator that you have been hacked. (If I built your site, you won’t see anything unusual.)
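The same check can be run against the HTML your own site serves. The sketch below is an added example, not code from this article or from any tool mentioned in it: it lists links that point away from your domain and flags the spam keywords named above. The keyword list, the function names and the sample page are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed keyword list; the article names Cialis and Viagra as typical signs.
SPAM_KEYWORDS = ("cialis", "viagra")

class SpamLinkScanner(HTMLParser):
    """Collects off-site links and spam keywords found in one page."""
    def __init__(self, own_domains):
        super().__init__()
        self.own_domains = {d.lower() for d in own_domains}
        self.offsite_links = []    # hrefs pointing to domains you do not own
        self.keyword_hits = set()  # spam keywords seen in text or link targets

    def _check_keywords(self, text):
        lowered = text.lower()
        self.keyword_hits.update(k for k in SPAM_KEYWORDS if k in lowered)

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        href = dict(attrs).get("href") or ""
        try:
            host = (urlparse(href).hostname or "").lower()
        except ValueError:  # malformed URL: treat as having no host
            host = ""
        # Relative links have no host and therefore stay on the site.
        own = any(host == d or host.endswith("." + d) for d in self.own_domains)
        if host and not own:
            self.offsite_links.append(href)
        self._check_keywords(href)

    def handle_data(self, data):
        self._check_keywords(data)

def scan_html(html, own_domains):
    scanner = SpamLinkScanner(own_domains)
    scanner.feed(html)
    scanner.close()
    return scanner.offsite_links, sorted(scanner.keyword_hits)

# Constructed sample page for mything.com, with one injected spam link.
SAMPLE_HTML = """<html><body>
<a href="/about.html">About us</a>
<a href="https://www.mything.com/contact">Contact</a>
<div><a href="http://pills.example/buy">cheap Viagra online</a></div>
</body></html>"""

if __name__ == "__main__":
    print(scan_html(SAMPLE_HTML, ["mything.com"]))
```

Off-site links you placed yourself (social media, partners) will show up too, so compare the list against what you expect to be there rather than treating every entry as a hack.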
I routinely install hack-proofing software on the WordPress and Joomla sites I manage. This software provides me with daily reports on hack attempts on these sites, and I often log in to the sites to ban the sources of hack attempts and further secure the sites. I usually do this without notifying or charging the site owners! (99% of the attempts are what I would categorize as “drive-bys”. The attackers will not persist in hacking a well-protected site. There are too many others out there for them to exploit.) I also use strategies such as secure passwords and fake user names to fool the hackers.
Now, for something completely different and weird.
Some sites are not developed in a CMS, but rather using tools like Dreamweaver to generate HTML-based sites. Hackers are far less interested in these sites, since it requires them to go in and manipulate hard-coded pages, and all their work can easily be discovered and removed. (The downside to setting up sites like these is that they require a Webmaster who has purchased the tools to manage the site, and they take more time to update.)
So, here is what they do instead. Let’s say that you are operating a site whose name is mything.com. The hacker can simply register the domain name mythings.com, download your site, which is easy if developed in a system like Dreamweaver, then upload it to their bogus domain. They are in effect mirroring your site in a similar domain name, and will charge you a ransom to take it down! I have seen this only once, done by a Ukrainian hacker using a super cheap French hosting service.
Here is what you can do to prevent this. Register similar domain names. It’s cheap insurance. If you have mything.com, then register mythings.com, and perhaps mythings.net (although most hijackers are far less interested in the .net domain). You can get carried away with this, so don’t obsess! As I said, I’ve only seen it once. That Ukrainian must have been really bored or desperate!