Welcome to WebmasterWorld Guest from 18.232.171.18

Forum Moderators: phranque

Website Hack

How to handle a hack

     
3:28 pm on Aug 5, 2019 (gmt 0)

Full Member

10+ Year Member

joined:Mar 18, 2002
posts:229
votes: 3


Ok been a while since I posted - Not sure this is the right place for the question.
I recently had a website hacked by a Pharma hacker.
Site hosted through Go-Gaddy is not a wordpress site.
It is an old site that has been a leading site for a number of years on Google in its niche.
All these years with no problems until I switched over to secure socket (HTTPS) on a dedicated server.
Of course, Go-daddy wants more money to fix.
Have been told came in the backdoor?

Is this now a common problem with secure sites hosted through Go-Daddy.
What is the best solution or company to handle this hacking issue?
3:51 pm on Aug 5, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts: 2980
votes: 201


Depends how you have been hacked, whether you have control of the hosting etc.
5:30 pm on Aug 5, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member Top Contributors Of The Month

joined:Nov 13, 2016
posts:1193
votes: 280


All these years with no problems until I switched over to secure socket (HTTPS) on a dedicated server.

Is that your first dedicated server? Managed? How do you access/update your site? (S)FTP? Do you have SSH access? Control panel ? Are you using a CMS? Or your own CMS? Is everything up to date ? including PHP (or whatever scripting language you use).
12:19 am on Aug 6, 2019 (gmt 0)

Preferred Member from CA 

Top Contributors Of The Month

joined:Feb 7, 2017
posts:562
votes: 55


My Pharma hack on WP dates back to 2012, 7 years ago. The hack happened a couple of times. The source was a couple of weak plugin. Infected files were added, as well as errant database entries. The hack is somewhat invasive. There is a lot of docs on this hack, so lots of advice on the internet.

If you are using WP you cannot leave your site untouched, as hackers will find security holes and trash your site. WP needs constant maintenance and updating, as it is not written with security as the most important. Keep up with your maintenance or you will get hacked, 100% guaranteed. Using WP is high maintenance.
12:48 am on Aug 6, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10136
votes: 1010


go daddy, as a high profile host, will always be under attack. Even static html only have been affected ... Not saying more on that, but what I have recommended for clients was to change their hosting ... and that solved a lot of problems.

Hackers will always seek the LARGEST TARGETS as their business is based on small bits at large scale.
1:01 am on Aug 8, 2019 (gmt 0)

Full Member

10+ Year Member

joined:Mar 18, 2002
posts:229
votes: 3


Dimitri ask
Is that your first dedicated server? YES

Managed? Yes I manage it. Is that what you mean?

How do you access/update your site? (S)FTP? FTP

Do you have SSH access? No

Control panel ? YES

Are you using a CMS? Or your own CMS? My own

Is everything up to date ?
including PHP (or whatever scripting language you use). As far as I know
2:36 am on Aug 8, 2019 (gmt 0)

Preferred Member from CA 

Top Contributors Of The Month

joined:Feb 7, 2017
posts:562
votes: 55


If you have no SSH access then many things will be more difficult to do. For me SSH is critical.

A roll-your-own CMS maybe more secure.

There are open source hacking tools available you can use to test your site and server. I have used a couple. They will provide a list of detected vulnerabilities, which you can use to plug the holes. These vulnerabilities are in a convenient database for hackers to use. The main tool comes with a scan feature, vulnerability database, and a hacking tool, all rolled into one convenient package.
10:57 am on Aug 8, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member Top Contributors Of The Month

joined:Nov 13, 2016
posts:1193
votes: 280


Managed? Yes I manage it. Is that what you mean?

In fact, "Managed" means that the host is managing it for you (or a third party company). When you manage it "yourself", we referit as "unmanaged". It's the offer which is "unmanaged".

FTP

You might want to consider SFTP , ("secured") so the data you are transmitting between your local machine and your server are encrypted.

Are you using a CMS? Or your own CMS? My own

This is good to run your own CMS, because you are not exposed to "known" vulnerabilities of existing CMS, but it doesn't meant that your own code is bulletproof , just hackers might not bother seeking for exploits for "one" guy, whereas they can exploit vulnerabilities of millions of sites using the same CMS.

So, be sure to test / sanitize all data which are posted at your site (if you are forms, or things like that), to avoid sql or other kind of malicious code injection, also be care of XSS : [en.wikipedia.org...]

That being said, it's hard to tell how your site was hacked. Was your home page replaced? or it is redirecting to somewhere else? In your FTP folder , is there files which are not yours? Do you have logs of FTP accesses?
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members