Article Side

Online Article Directory!

Hello Guest! Login or Register to submit articles!

Website Attacks and Hacks

By Jamshaid Hashmi Subscribe to RSS | June 22nd 2012 | Views:

Imagine the following scenario:

You’ve just had a brand new website built for your business, and before you know it you are getting a warning from Google that your website has been hacked.

It would, undoubtedly, evoke anger towards the pests that are hacking your site, and resentment towards the guys who built your site and, in your mind, didn’t put the measures in place to avoid this from happening!

We have, on numerous occasions, come across “Virus Attacks” or “Hacks” as they are sometimes called. They commonly occur in Open Source Websites & are one of the few risks that come with using Open Source platforms.

While your IT Team should be able to fix this predicament in almost all cases they have very little to do with the originating problem (i.e. equipping the site against these types of attacks). In general, a Google warning is the first notification of such a problem to them, as well as to you.

What is at Risk?

The most common reason for a website hack in the case of a small to medium scale website is link-farming for SEO gains. Moreover, Hackers go after E-commerce sites for customer & possibly credit card data. Email addresses of customers are also up there in the list of things hackers are after.

How it Works?

There are two common ways that hacks occur. Of course, there are many other types of hacks as well but these two are the most common in small to medium sized websites:

1) SQL Injection

In this way, the hacker is very familiar with the database schema (or data model) of the site and creates a script that enters malicious code directly into the database table that carries the page content.

SQL Injection can occur in most open source platforms because open source systems database schemas are common public knowledge.

In Hosted platforms the risk of SQL injections is close to negligible as the databases are well protected & use connection methods / models known only to the company that runs the platform

Cleaning a SQL injection means searching the database and removing the code, which at times can cause service disruptions, layouts or breaks in website functionality?

2) File System Infection

In this way a hacker enters via an FTP or other channel for server vulnerability and actually modifies the source code files in order to place malicious code into the system

This type of hack is very tough to fix because the scripting can be intelligent, spread quickly and continue to replicate even after clean-ups. Sometimes hackers will plant “receptor” scripts that go undetected and look very normal until they connect to the hackers’ own servers and pull down malicious code.

Cleaning this hack means effectively looking at each file individually and systematically cleaning up the code. Your IT team can undertake a mass “Find & Replace” approach to clean the code if they are able to locate the malicious code, but shortcuts almost always mean that they will miss out the “receptor” script that is infecting the files. This effort is extensive and can involve various elements:

Your base WordPress install version 3.0.1 has 756 Files! Version 3.4 has 1400+ files!

Your Joomla 2.5 install has 6000+ files with a standard set of components & plugins!

Sometimes clean up can also affect the functionality of the site or layouts, which result in a lot of lost productivity to the site

How do we fix it?

While your IT team doesn’t bear the responsibility for the hacking, which is, in many cases, hard to predict and potentially unavoidable, there are certain measures that can be taken to prevent it from happening (please see details in the next paragraph). For starters, the password selection for the Admin panel or FTP must be as hard to detect as possible. Once the hacking has taken place you will have to work with a very skilled System Administrator and a Programmer (both skills are a must) to clean the infected website and reestablish functionality.

Once this action has been completed, the site must be re-submitted to Google as there are high chances that Google still has it detected as an “infected” site.

How do we prevent hacking from happening in the first place?

There are many things that can be done at the website production stage to prevent- or at least reduce – the risks.

• Your IT team can use a non-standard data model in with a regular CMS module – This can be a fairly expensive solution and will need a talented developer to execute. The cost, however, may be prohibitive.

• Upgrade to the latest version of your platform. This may also be a costly affair depending on how much customization has been done to your website. Most platform providers will release security updates frequently because they are familiar with the common threats against their platform

• Use secure passwords and change them frequently. Use combinations of upper case, lower case, numbers and special characters, and make your passwords at least 8-10 characters long. NOTE: numbers-only passwords are the easiest to hack

• Try not to send out passwords by email, send user names and use SMS / texting to send the passwords

• Invest in a dedicated server

o Shared servers are very risky, mostly because you don’t know who your neighbors are and you are sharing everything with them. Potentially you could be on the same file system as a highly infected site and the virus will spread very easily to your site. In such cases your IT Team cleaning up the virus is completely wasting their time as they can’t clean the rest of the server, and it’s only a matter of time before the infection comes back

o On Dedicated servers your IT Team will have access to the root file system and base modules so they can install a lot of tools & scripts to “harden” the server and secure it. This is not possible on shared servers

o Dedicated servers are more expensive to own & maintain

o Highly recommended: PaaS (Platform as a Service) hosting is the next generation of web hosting, which is highly secure

o You can consider the use of Reverse proxies & other advanced security tools, a few of these are now available on a service basis (SaaS)


We recommend Dedicated Servers to our customers along with a proper security and support package to help prevent such problems. It is very difficult for any IT team to guarantee that hacking won’t happen, but we can certainly warn of contributing factors such as shared servers / weak passwords / outdated software, etc. and make recommendations for the best ways to prevent hacking from happening.

Jamshaid Hashmi - About Author:
ClickTecs is a specialized Digital Marketing Agency, headquartered in Toronto, Canada. We have made it our mission to help businesses navigate the shift from offline marketing to digital marketing by combining marketing creativity with technical expertise.

Share on Facebook Tweet It Stumbleupon this post This post is delicious !

Article Source:

Related PPC Advertising Articles Subscribe to RSS

Online marketing to improve business
Published by Heena123 on February 8th 2012 | Internet Business
Marketing is a much needed strategy in any business to succeed. The success of it is defined by only...
Internet marketing for startup
Published by Nichole Barker on August 22nd 2012 | Internet Business
For business that is potentially struggling in a startup stage every dollar counts....
Internet marketing are getting popular
Published by Eminent Socialmedia on May 22nd 2012 | Internet Business
Social media gives a lot of beneficial service as they increase popularity among the visitors and ca...
PPC Web marketing considering the Canada Potential audience
Published by Burt Collins on February 24th 2012 | Internet Business
A very effective advertising campaigns ads open to press announcements industry is each of our Ppc t...
Law firm Internet marketing
Published by Julia Bennet on February 21st 2012 | Internet Business
Nowadays, everyone is looking to develop a powerful online presence, including law firms. The concep...
Keeping Up with the Competition- marketing Your Salon
Published by Tom Peters on April 23rd 2012 | PPC Advertising
In the past, salons thrived on word of mouth business of adds in the local paper, but as technology ...
Importance of an Internet marketing UK organization
Published by Wildnet Technologies on May 4th 2012 | Internet Business
Internet Marketing UK – Wildnet Technologies is leading and Google certified trusted Internet Mark...
Online marketing
Published by Julia Bennet on January 25th 2012 | Internet Business
As competition among businesses becomes stiff, companies are increasingly looking for ways through w...
Social media marketing tools – what are the right ones for your small business?
Published by Wsiworld on August 1st 2012 | Internet Business
Social media marketing tools – what are the right ones for your small business?...
Looking for a franchise opportunity? Why not try an internet marketing franchise through WSI
Published by Wsiyorkshire on June 21st 2012 | Internet Business
Are you looking forward to owning your own franchise? Then why not a WSI franchise? They give you th...
Internet marketing services a boon to Business
Published by Excellent Solution on February 25th 2012 | Internet Business
Internet marketing services are available at reasonable cost to bring success to an organization. SE...
Specifically how Web 2.0 Will have Stricken Affiliate marketing online?
Published by Andrew Wilkinson on April 16th 2012 | Internet Business
In functioning your company while disappointed on what you are reaching, something else you should g...
Pay per click marketing - Important factors for Profit
Published by SEO Services Company on August 7th 2012 | PPC Advertising
There are motives why many website owners and internet marketers select to pay for visitors to their...
Why should you choose to join dental internet marketing companies?
Published by Alan on March 14th 2012 | Internet Business
Everyone knows that whatever business you are in you need paying customers to survive. That may soun...
The scope of internet marketing in India
Published by Manas Sadangi on March 17th 2012 | Internet Business
There are a number of things that have changed a lot in the recent past. One of the best things that...
Online marketing strategies for businesses
Published by Julia Bennet on January 25th 2012 | Internet Business
The internet has provided businesses with an effective marketing channel. Consequently, many busines...
Know all about the search engine optimization expert
Published by Dora William on December 29th 2011 | Internet Business
If you are looking for more information about search engine optimization experts, search engine opti...
Marketing with Facebook - the power of Facebook for online marketing
Published by James Blunt on November 25th 2011 | Internet Business
It's probably a reasonable assumption that most Internet marketers now recognize the potential and p...
Performed Web 2.0 are not able to Perfect Internet website marketing?
Published by Bell Alphonse on April 18th 2012 | Internet Business
There are many of websites also applications whom combine retail therapy and looking out to guarante...
Black Hat PPC Management an art of better marketing
Published by PPC Management on December 6th 2011 | PPC Advertising
Black Hat Management not only helps you in increasing traffic at your site but also makes optimum us...