Building and launching a website is indeed very important for businesses. Websites ensure the brand’s online presence, help owners generate new leads, and increase sales. Although, besides building and designing a website, it’s also important to take care of its security.
Although your website’s security is probably the last point on your to-do list, you shouldn’t underrate it. If you had a physical store, you would definitely install a security system or even hire special security personnel to protect it and your products, right? For the same reason, you need to protect your website too.
So, today, we are going to learn everything you need to know about website security and what you can do when you‘ve been hacked.
Why Should You Care About the Security of Your Website?
Your website is your digital store, and you must dedicate proper attention to its security. The world is changing on a daily basis bringing new threats to your business. If someone robbed your physical store, you would lose that day’s revenue. However, in the case of your business website, you have much more to lose, including your company’s information, your consumers’ personal information, and, finally, your digital presence.
You can find many articles about cyberattacks on big players such as Apple, Burger King, and Facebook. Nevertheless, hackers are not targeting large companies only. Paradoxically, small businesses encounter unimaginable threats of being hacked, too. In fact, more than half of the cyberattacks are targeted at small to midsize businesses. The reason behind this is quite evident. According to the National Cybersecurity Alliance, 69% of small businesses lack a cybersecurity plan, creating favourable conditions for hackers to steal sensitive information and data.
Why Would Someone Want to Hack My Website?
There are a lot of reasons why hackers try to breach the security of websites. Some of them may even do that just to practice; however, below, you can find the two most common motives.
1. Acquisition of Data and Personal Information
There is a high possibility that the hacker is trying to access your database with your clients’ personal information. This may also include credit card details and social security numbers. You can find similar sensitive information for sale on the darknet. So, your website’s security should be your number one priority, especially when you have an eCommerce business.
2. Spamdexing
Hackers use Spamdexing which is a black hat SEO technique, to manipulate search engine rankings and promote their suspicious products or services through your website. For instance, if you’ve ever come across a clothing website selling medications, that’s most probably spamdexing at its finest.
However, some innovative programmers just upsell products linked to the hacked website, making it harder to detect the breach. So, Spamdexing is the practice of hacking a normal website and injecting keywords and links that direct people to the web property they want to scam them with. With this, they generate a lot of revenue and, in turn, destroy your website. According to Incapsula, this is a 431 billion dollar market. Remember that if Google detects a use of a black hat SEO technique on your website, it will ban you. This is definitely something you want to avoid.
How did Someone Hack My Website?
Firstly, you should remember that the one hacking your website is probably not an actual person but a crawler created by the hacker. If your software is out of date and you’re not using secured hosting, then you are very likely to become a target of a cyber-attack.
So, if you got hacked, it is because the crawler detected in your site the specific vulnerabilities it was written to look for. Thus, don’t rush to feel special. It’s just a great signal that you should start paying proper attention to the security of your website.
Using a plugin like iThemes Security Pro that allows for Two-factor Authentication is one of the best ways you can avoid malicious attacks.
Why did the Hacker Succeed?
So, the website’s security is the primary reason why your website gets attacked, but how exactly? Hackers succeed when:
- your Content Management System and plugins are not up to date. Updating your website is necessary to make sure that the version your website runs on doesn’t contain any bugs. According to Sucuri.net, in 2019, 56% of hacked websites used outdated CMS applications. So, if you launched a website and completely forgot about updating it, your website will contain well-known security holes which the crawlers will detect and exploit. Therefore, if being an easy catch for hackers isn’t your number one priority, keep your website UP TO DATE.
- You have insecure hosting. If you are looking for another way to please your hacker’s greedy taste buds, we suggest using insecure hosting. If you store your consumers’ information on your server, you should ensure your server is secure. Otherwise, you will be an easy prey for stealing personal data and information. Besides, remember that your server also hosts your emails. So, insecure hosting creates favourable conditions for unauthorized users to access all the information in those emails.
It is primarily due to the aforementioned issues that programmers successfully hack your website. Therefore, if you think something is wrong with your site and you have any of these vulnerabilities, don’t even ask yourself: “Have I been hacked?”
So, take care of your website’s security. Your consumers’ personal information and the credibility of your company need to be taken seriously.
Mu website has been hacked! What should I do?
If your website has been hacked, first and foremost, don’t panic and be quick. In this case, you simply cannot afford to be sluggish. If you act slowly, you will give Google time to identify your website as malicious and blacklist it. For your information, Google blacklists about 9,500 websites per day. If your website gets on the blacklist, it will be removed from search results, so when users search for something, your website won’t appear on the SERPs.
Also, keep in mind that in case of detecting malware on your website, Google will automatically warn your visitors that it contains malicious codes that can potentially harm their computer/gadget. This may damage your company’s credibility, and most probably, the majority of your audience won’t return to your site.
It’s time to take some notes! Now that you know that panicking won’t solve your problem, let’s see what actually will. Below we will go over several practical steps you should take to handle a cyberattack and get your website back.
1. Contact Your Web Developer or Host
Firstly, if you are the owner of the website, reach out to your web developer or host as soon as possible and describe the situation, including as many details as you can.
2. Install a Maintenance Plugin
If you can access the Content Management System, you should log in and install a maintenance plugin. For instance, if you are using WordPress, then go through the following link to learn what maintenance mode is and how you can install it.
With this single action, you will solve two problems. First, you will save your visitors from getting affected by any malicious code resulting from the cyberattack. Secondly, Google won’t put any warnings on your site, and you will have enough time to solve the issue without getting blacklisted.
3. Scan Your Computer
There is a possibility that the cyber attack source came from your machine’s local environment, such as the Desktop. Many hackers would steal the login information right from your local environment to access your website as usually the owner would. So, scan your computer thoroughly and make sure to clean it up from any possible malware or viruses. The following link may be handy in the process of catching nasty viruses.
4. Try to Detect and Decode the Malicious Codes in Your Files
Many hackers practice obfuscation as a smart technique to hide the original code applied by the hacker, turning it into something illegible. There are various obfuscation techniques which include Base64, ROT13, XOR, etc. So, use decoding scripts to find out what kind of attack/code you need to deal with.
P.S. You can use the following platform for Base64 decoding.
5. Check the Footers, Headers, and File Permissions
There is a high possibility that it’s a Javascript frame injection attack. Thus it is vital to check the headers and footers. Furthermore, although your permissions may vary based on your server and PHP handler, make sure they are not set to 777.
6. Change Your Passwords and Secret Keys for WordPress
Don’t forget to change all your passwords for FTP / SFTP, WP-ADMIN, CPANEL, or other administration panels. Remember to use complex and unpredictable passwords. We would also highly recommend you consider using two-factor authentication.
If you are using WordPress, then you should also change your WordPress config file secret keys. This step is essential to ensure you have encrypted and unpredictable passwords. Click the link to learn more about dealing with a hacked WordPress website.
7. Update Your Themes and Plugins
After getting rid of the virus, update all your themes and the CMS. Run a well-rounded inspection to make sure that all the affected parts work smoothly.
Forensics
Once you have successfully cleaned your website from malware, it is important to analyze why it happened in the first place. To understand why the hackers could succeed, you should analyze and investigate the pain points of your website. Once you find the vulnerable parts of your site, you will be able to avoid future attacks. This requires special skills and knowledge. So, if you are the website owner, you may face some trouble conducting the investigation. However, if you have access to the essential metadata, then you can use the following platforms to run the analysis:
OSSEC: A scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS)
Final Thoughts
In short, today’s digitalized reality creates new threats to your business. If you think that having a website doesn’t require proper security measures, let me disappoint you. On average, about 30 thousand new websites are being hacked daily. You probably don’t want to be on this extensive list, right? So if you don’t want to experience the “have I been hacked?” feeling ever again, please pay decent attention to the security of your website.
- Take care of your website, and don’t leave it for months without any updates. Contact your web developer and make sure that your website gets proper updates on a regular basis.
- Make sure that you are using secure hosting. If you have any doubts, don’t be sluggish and contact professionals to get a hosting examination.
- Check the performance of your website using website monitoring platforms such as Pingdom. If you are experiencing slow rendering and performance, then it can be a signal of being targeted.
- Install good anti-virus programs on your computer to keep your local environment safe.
General FAQ
Keep your CMS and plugins up to date and use secure hosting. Use a good security plugin that enables two factor authentication for logging in. We like iThemes Security Pro for the above, additionally their brute force protection network is a nice bonus.
The first thing you should do is contact your web developer or host. Secondly, put your website on maintenance mode to protect your websites visitors and prevent Google from blacklisting you. Next, scan your computer to ensure the attack didn’t come from any local malware. On your website you should check the headers, footers, file permissions and change all passwords. Finally, you should update your CMS and any plugins. Perform a thorough inspection to make sure everything works as it should.
