Discussion in 'Black Hat SEO' started by leisure, Feb 17, 2011.
just wondering how to prevent from being hack,because this issue used to happened on me..
not faced this problem yet
In what regard? Infection? Cracked?
What's hacked ? You website, mail, computer or what ?
I've had my company website hacked. They took advantage of an old Mambo calendar plugin years ago and dropped their FTP script and uploaded a Bank of America clone.
Needless to say, we were shutdown until they realized all was good.
We had to look at how they were coming in and remove the plugin.
There are sites that will help test the security of your site. Also update your software.
Can you elaborate on this ?
I had my website (classified ads) hacked and the index was replaced with some funny banners and messages, I reinstate it right away because I check my websites often enough.
Was a script fault because it was too old and hackers found easy backdoors to break in. So a first rule is to have your script/addons (if you run any) up to date.
Other causes may be the ftp program you're using to upload files to your site, filezilla for example had such issue with stolen saved passwords. So don't save your passwords.
Also someone may have access to your mail or computer. A good thing is to keep your passwords hidden (make strong ones with both letters and numbers and case sensitive) and change them regularly.
And of course install a good firewall and anti-virus/anti-spyware on your computer.
I've had plenty of sites hacked....
There's no 100% foolproof anti-hack security... but there are a few things you can do to minimize the possibility:
1. Use a host with decent security settings on their servers. (or your own vps / server and set it up right)
2. Make an html only site - no scripts & no database means there's not too much they can hack unless they get control of your account on your server (see point #1)
3. Use well-maintained scripts when you do use one. If the script has been a few years without any updates, it's probably pretty easy to hack.
4. Keep your website's script up-to-date. When the makers of your script make security updates, make sure you update your site.
MOST IMPORTANT TIP OF ALL!:
Keep a complete backup of your WHOLE website (don't forget your databases).
Back it up every time you make a change (if it's static)
or with regular frequency (if it's dynamic or has user accounts)
Many popular scripts (WP, joomla, etc) have utilities to auto-backup your site at regular intervals, for example. Or do it manually if you have to.
The EASIEST and FASTEST way to "un-hack" a website is to restore a pre-hacked version.
If it's a very important site, keep a CD with a copy of the backup at someone else's house, in addition to the copy on your computer.
Best of luck
Separate names with a comma.