Hacked

No one is safe from computer hackers, no not even IT professionals. Why do I say this? Over a week ago this blog was hacked with the result that it was offline for a few days, but as you see we’re back in the living again.

Are you worried about the security of your WordPress website? Have you taken precautions to stop people hacking your website? We all know that owning and maintaining a website can be hard work, however life can become far more stressful if the website was to get broken into. Not only would you have to figure out how they did it, but you would have to repair all the damage!

So what happened? The front page of this site was replaced by the hackers own page, then corruption of the files that are needed for this blog.

Why me? I’m not a large multinational company with any significant global interests, so why pick on me? Firstly most websites are hosted by a 3rd party company, and they not only host one site but probably hundreds. It wasn’t me that was targeted, the hackers found a way into the servers hosting the websites, and as a consequence this site became defaced, probably along with a number of others (although this is unconfirmed).

What can I do to prevent this from happening again? In short pretty much nothing, it does however imply that the security of the web hosting company needs to be looked at.

What can I do if it does happen? Well fortunately, I practice what I preach, and I’m prepared for any future attacks. Firstly the blog is run using WordPress, a widely accepted and reliable blog package, so having this reinstalled was no problem. Next, all the key files should have been backed up, for WordPress this is any uploaded files such as graphics and of course the main database. Back these up on a separate reliable location, your own computer is a good choice, and do this regularly as the files soon get out of date with new posts and comments being added.

Why do people hack websites? Hacking websites is a terrible thing that causes a lot of stress and inconvenience. There are a few reasons why people would hack a website:

  • Links back to their website
  • Links to another website (paid for links)
  • Hijacking your websites traffic
  • Inject content onto your website
  • Gain access to paid for items
  • Gain all registered users email addresses
  • Sheer nastiness
  • And of course, just for fun. The

Here’s some pointers which you can do;

  1. Don’t use default passwords or usernames set by the applications, make them a bit more complex and less easy to guess.
  2. Make sure you have a backup of all important or non replaceable files

In a future article I’ll be looking at what we can do to secure WordPress and prepare for disaster recovery.

Leave a Reply

Your e-mail address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.