How to Protect Yourself Against Hackers

One of my servers was recently hacked, and although I don’t want to alarm you, you should know that your sites could be attacked at any time.

To help you protect your sites and your data, in this article I share what happened to my sites and why.

More importantly, I’ll tell you what I learned about defending my server, sites and computer against hackers.

What do hackers want?

Although some hackers get their thrills from breaking into and vandalising your property, most hackers are thieves. They may be identity thieves looking for credit card information, or they may want access to copyrighted works or sensitive intellectual property, either for their own use or for resale. Still other hackers are hijackers, who want to use your computer or server to send out spam email for phishing schemes.

Lucky me, I got a multi-purpose hacker (or hackers) who showed talent in two of the three categories above.

When Steve of DataWebPro discovered the problem, 250,000 of the spammer’s emails were ready to be delivered from my server — and we have no idea how many were sent.

While the hackers were having their jollies, the sites on that server slowed to a crawl and crashed a few times.

It’s nearly a month after the attack and we are still discovering that email sent to our customers with product download information, or to which they’ve subscribed in order to receive update notices from the forum, is being rejected by certain ISPs because the server’s address has been blacklisted as a spam source.

A bigger problem discovered during the episode was that one of our customer databases had been corrupted. Worse, the corruption had gone unnoticed for so long that every copy still held in the server’s backup rotation was already corrupted, so the backups couldn’t be used to repair it.

Although both the blacklistings and the database problems are resolvable, they have been a HUGE hassle, and neither the incantation Steve offered nor the prayer Andrew sent has been of much help.

So far, rebuilding the database has involved hour after hour of mind-numbing multi-platform data mining and re-entry, which promises to continue for at least another 2 weeks.

How do hackers gain access to your account?

You’ve probably heard of worms, viruses and Trojan horse programs that can seriously damage your computer or leave it open to remote control by an attacker.

Hackers look for ‘security holes’ through which they can gain entry without much trouble. These holes frequently exist in the programs and plugins we install on our sites, especially in versions that have not been updated since the hole was made public.

Hackers also use programs designed to guess the passwords to your accounts. Typically known as brute force password attacks, these programs run through letter and number combinations, or lists of commonly used passwords, until they get a match and gain access to your account. When your server is being bombarded by one of these attacks, the sites may become interminably slow, and the attempts show up as long runs of failed logins from the same address in the server’s logs.
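As an added example (not code from the original article), here is what the pattern described above looks like when you go looking for it in a server’s authentication log. The log lines are constructed samples in the classic syslog `sshd` format, the addresses are documentation ranges, and the threshold and window are arbitrary assumptions; the point is to count failures per source address inside a sliding time window rather than overall, so that one forgetful customer is not mistaken for an attack while a burst of guesses is.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log, not taken from any real server. Six failures from
# 203.0.113.5 in eight seconds (trying several usernames) is the attack;
# the single failure from 198.51.100.7 followed by a success is a real user.
SAMPLE_LOG = """\
Mar 10 02:14:01 web1 sshd[2212]: Failed password for root from 203.0.113.5 port 4411 ssh2
Mar 10 02:14:03 web1 sshd[2214]: Failed password for invalid user admin from 203.0.113.5 port 4412 ssh2
Mar 10 02:14:04 web1 sshd[2216]: Failed password for invalid user oracle from 203.0.113.5 port 4413 ssh2
Mar 10 02:14:06 web1 sshd[2218]: Failed password for root from 203.0.113.5 port 4414 ssh2
Mar 10 02:14:07 web1 sshd[2220]: Failed password for invalid user test from 203.0.113.5 port 4415 ssh2
Mar 10 02:14:09 web1 sshd[2222]: Failed password for root from 203.0.113.5 port 4416 ssh2
Mar 10 02:20:11 web1 sshd[2300]: Failed password for ros from 198.51.100.7 port 50211 ssh2
Mar 10 02:20:30 web1 sshd[2302]: Accepted password for ros from 198.51.100.7 port 50212 ssh2
Mar 10 03:05:00 web1 sshd[2400]: Failed password for root from 192.0.2.9 port 3333 ssh2
"""

# Matches the failed-login line sshd writes; "invalid user" is present when the
# username does not exist on the box at all.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>[\d.]+)"
)


def parse_failures(log_text, year=2024):
    """Return (timestamp, source_ip, username) for each failed login.

    Syslog timestamps carry no year, so the caller supplies one (assumption)."""
    events = []
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["ip"], m["user"]))
    return events


def find_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """Flag source IPs with >= threshold failures inside any `window`-long span.

    Returns {ip: (peak_failures_in_window, sorted usernames tried)}."""
    by_ip = defaultdict(list)
    for ts, ip, user in sorted(events):
        by_ip[ip].append((ts, user))

    flagged = {}
    for ip, attempts in by_ip.items():
        peak, start = 0, 0
        for end in range(len(attempts)):
            # Slide the window start forward until it fits inside `window`.
            while attempts[end][0] - attempts[start][0] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[ip] = (peak, sorted({u for _, u in attempts}))
    return flagged


if __name__ == "__main__":
    for ip, (count, users) in find_bruteforce(parse_failures(SAMPLE_LOG)).items():
        print(f"{ip}: {count} failures in window, usernames tried: {', '.join(users)}")
```

On a real host you would feed this the tail of `/var/log/auth.log` (or the equivalent for your web application’s login log) and act on the flagged addresses, for example by blocking them at the firewall; the same per-address, per-window counting is what tools such as fail2ban do automatically.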

Perhaps the ugliest type of hack is the one carried out by someone to whom you gave your password willingly because he or she was doing some programming work on your site.

How to foil a hacker

At the very least, we should protect our computers and data with routers, firewalls, anti-virus software and external hard drives for backups.

Remember, it is not enough to install these programs and devices; we actually have to use them. For example, set up your anti-virus software to download updates automatically. Likewise, set your external hard drive to back up your data automatically on a regular schedule.

If you are on a managed server, such as a BlueHost hosting account, log into your cPanel and Fantastico interfaces regularly and update your installed programs as upgrades become available.

If you want to install programs and plugins that don’t come with Fantastico, research them for known ‘security holes’ first. Better yet, ask the technical people at your ISP whether they have information about the program. Because they are just as keen as you are to stop hackers, in many cases they will research the software for you.

Also, don’t leave unused WordPress themes on your server, and uninstall unused plugins. A theme or plugin that is merely deactivated is still code sitting on the server where a hacker can reach it, and it is the code you are least likely to keep updated.

Stay alert for unusual activity on your accounts. If you have trouble logging into any of your accounts and you are sure the username and password are correct, alert your ISP right away and send them the account name (never the password itself) and the times of the failed logins.

If you are running membership software such as aMember, you can blunt brute force attacks by setting a limit on incorrect login attempts. That allows a user to mistype their username or password only a set number of times, e.g. 3 or 4; if they exceed that, the system either locks the account or refuses further login attempts for a while. Prefer a temporary lockout tied to the address the attempts come from over a permanent lock on the username alone, otherwise an attacker can lock your real customers out simply by guessing badly on purpose.
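To make the lockout logic concrete, here is an added example of a small login guard written for this article; it is not aMember’s code or any other product’s, and the attempt limit, the 15-minute base lockout and the `verify` callback that does the real password check are all assumptions. It counts consecutive failures per (username, source address) pair, locks that pair out for a period that doubles on each repeat, and refuses to evaluate the password at all while locked, so a locked-out guesser gets no feedback even when a guess happens to be right.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Callable, Dict, Optional, Tuple


@dataclass
class _Counter:
    failures: int = 0                    # consecutive failures since last success/lockout
    lockouts: int = 0                    # lockouts so far; drives the exponential back-off
    locked_until: Optional[datetime] = None


class LoginGuard:
    """Per-(username, IP) failed-login limiter with escalating temporary lockouts.

    Keying on the pair rather than the username alone means an attacker cannot
    lock a legitimate user out from elsewhere just by hammering their name."""

    def __init__(self, max_failures: int = 4,
                 base_lockout: timedelta = timedelta(minutes=15),
                 max_lockout: timedelta = timedelta(hours=24)):
        self.max_failures = max_failures
        self.base_lockout = base_lockout
        self.max_lockout = max_lockout
        self._counters: Dict[Tuple[str, str], _Counter] = {}

    @staticmethod
    def _key(user: str, ip: str) -> Tuple[str, str]:
        return (user.strip().lower(), ip)

    def is_locked(self, user: str, ip: str, now: datetime) -> bool:
        c = self._counters.get(self._key(user, ip))
        return bool(c and c.locked_until and now < c.locked_until)

    def check_password(self, user: str, ip: str, password: str,
                       verify: Callable[[str, str], bool], now: datetime) -> str:
        """Returns 'ok', 'rejected' or 'locked'.

        `verify(user, password)` is the application's real credential check
        (assumed here; it should compare against a salted password hash)."""
        key = self._key(user, ip)
        if self.is_locked(user, ip, now):
            return "locked"              # do not even test the password while locked
        c = self._counters.setdefault(key, _Counter())
        if verify(user, password):
            self._counters.pop(key, None)  # success clears the history for this pair
            return "ok"
        c.failures += 1
        if c.failures < self.max_failures:
            return "rejected"
        # Limit reached: lock for base * 2^lockouts, capped, and start counting again.
        delay = min(self.base_lockout * (2 ** c.lockouts), self.max_lockout)
        c.locked_until = now + delay
        c.lockouts += 1
        c.failures = 0
        return "locked"


if __name__ == "__main__":
    # Constructed demonstration: three bad guesses from one address, then the
    # right password from that address (refused) and from another (accepted).
    guard = LoginGuard(max_failures=3, base_lockout=timedelta(minutes=10))
    ok = lambda u, p: (u, p) == ("ros", "correct horse battery staple")
    t0 = datetime(2024, 3, 10, 2, 0, 0)
    for i, guess in enumerate(["password", "letmein", "qwerty"]):
        print(guard.check_password("ros", "203.0.113.5", guess, ok, t0 + timedelta(seconds=i)))
    print(guard.check_password("ros", "203.0.113.5", "correct horse battery staple", ok, t0 + timedelta(seconds=5)))
    print(guard.check_password("ros", "198.51.100.7", "correct horse battery staple", ok, t0 + timedelta(seconds=5)))
```

Two design points worth noting: the state lives in memory, so on a multi-server site it would need to be stored somewhere shared (a database table or cache) to be effective, and a distributed attack that spreads guesses across many addresses will stay under any per-address limit, which is why log-based detection of overall failure volume is still needed alongside the lockout.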

If you need a programmer to tweak a particular piece of software, go first to the developer and find out whether they will do the work or know programmers who are experts with that software. Otherwise, ask your friends to recommend a programmer they trust.

When you hire a programmer for a small tweaking job, set them up with their own account and password, limited to the parts of the site the job actually needs, and cancel it as soon as the work is finished. If they had to use any shared password along the way, change that one too.

Do NOT reuse passwords, i.e. use different passwords for your affiliate accounts and your server access, so that one stolen password does not open everything. For your best defense against brute force password attacks, make your passwords long as well as mixed (numbers plus uppercase and lowercase letters); length does far more to defeat a guessing program than the odd symbol, and a password manager lets you keep a different random password for every account. Change a password immediately whenever you suspect it may have been exposed.

Last but not least, back up your sites’ data! Your ISP probably does back up your site, but it is not enough to count on them. You can generate your own full site backups manually from cPanel. Keep the copies somewhere other than the server itself, and keep enough of them, for long enough, that a problem you only notice weeks later is still covered by a clean copy.

An alternative that may be preferable, however, is to install software that does automated backups and has a quick and easy restore process, such as Affiliate Backup. At the time of the hacker attack, I had Affiliate Backup set up on only one site; now it is set up to run on all of my sites. And yes, I AM kicking myself for wasting a pile of cash on weeks’ worth of data entry when I could have had another instance of the program installed for $57. DUH!!!
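The backup advice above, and the earlier story of backups that had all rotated past the point of corruption, come down to three things a backup job has to do: take the copy, keep enough old copies, and prove that a copy can actually be restored. As an added illustration (not the article’s or Affiliate Backup’s code), here is a small Python backup routine written for this page that does all three on a directory tree: it archives the tree with a SHA-256 manifest inside, prunes to the newest N archives, and checks a restore against the manifest. The directory layout, the `site-<stamp>.tar.gz` naming and the retention count are assumptions; the sample files it backs up are constructed in a temporary directory.

```python
import hashlib
import io
import json
import tarfile
import tempfile
import time
from pathlib import Path
from typing import Dict, List


def _sha256(path: Path) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def manifest(root) -> Dict[str, str]:
    """Relative path -> SHA-256 for every regular file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): _sha256(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare(expected: Dict[str, str], actual: Dict[str, str]) -> List[str]:
    """Paths whose hash differs, or which exist on only one side."""
    return sorted(p for p in set(expected) | set(actual)
                  if expected.get(p) != actual.get(p))


def make_backup(src, dest, label: str = "site", stamp: str = None) -> Path:
    """Archive `src` as <dest>/<label>-<stamp>.tar.gz with a manifest inside."""
    dest = Path(dest)
    dest.mkdir(parents=True, exist_ok=True)
    stamp = stamp or time.strftime("%Y%m%d-%H%M%S", time.gmtime())
    archive = dest / f"{label}-{stamp}.tar.gz"
    payload = json.dumps(manifest(src), indent=1).encode()
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(str(src), arcname="data")
        info = tarfile.TarInfo("MANIFEST.json")   # carried inside, so a restore
        info.size = len(payload)                  # can be checked without the source
        tar.addfile(info, io.BytesIO(payload))
    return archive


def verify_restore(archive, scratch) -> List[str]:
    """Extract `archive` into `scratch` and check every file against its manifest.

    An empty list means the restore is complete and intact."""
    scratch = Path(scratch)
    scratch.mkdir(parents=True, exist_ok=True)
    with tarfile.open(archive, "r:gz") as tar:
        # Use the 'data' extraction filter where available: it refuses entries
        # that would write outside `scratch` (a classic tar-based attack).
        kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        tar.extractall(str(scratch), **kwargs)
    expected = json.loads((scratch / "MANIFEST.json").read_text())
    return compare(expected, manifest(scratch / "data"))


def prune(dest, keep: int, label: str = "site") -> List[str]:
    """Delete all but the newest `keep` archives (names sort by timestamp)."""
    archives = sorted(Path(dest).glob(f"{label}-*.tar.gz"))
    doomed = archives[:max(len(archives) - keep, 0)]
    for a in doomed:
        a.unlink()
    return [a.name for a in doomed]


def demo() -> dict:
    """Constructed sample run: three daily backups, keep two, verify, and show
    that a changed and a missing file are both caught by the manifest check."""
    root = Path(tempfile.mkdtemp(prefix="backup-demo-"))
    src = root / "htdocs"
    (src / "wp-content").mkdir(parents=True)
    (src / "index.php").write_text("<?php echo 'constructed sample';")
    (src / "wp-content" / "notes.txt").write_text("constructed sample file\n")
    backups = root / "backups"
    for day in ("20240301", "20240302", "20240303"):
        latest = make_backup(src, backups, stamp=f"{day}-000000")
    removed = prune(backups, keep=2)
    mismatches = verify_restore(latest, root / "restore")
    tampered = dict(manifest(src))
    tampered["index.php"] = "0" * 64            # simulate a defaced file
    del tampered["wp-content/notes.txt"]        # simulate a missing file
    return {"removed": removed,
            "remaining": sorted(p.name for p in backups.iterdir()),
            "mismatches": mismatches,
            "tamper_detected": compare(manifest(src), tampered)}


if __name__ == "__main__":
    print(demo())
```

The retention count is the setting to think hardest about: with `keep=2` the newest two archives survive, so a corruption that went unnoticed for three days would already be in every remaining copy. That is exactly what happened to the customer database above, and the fix is a retention window (or a separate weekly and monthly series) longer than the time it realistically takes you to notice a problem.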

Although there is no way to completely eliminate attacks, there is plenty you can do to stop hackers from gaining access to your site. DO make the time and effort to protect yourself, because doing so after the fact takes 100 times more time and effort.

Comments

  1. Jeremy says

    Hi Ros,

    Sorry to hear you got hacked. It sounds like you sustained some pretty heavy damage. Anik and I got hit with a denial of service attack the day we launched PPC Classroom, so I can empathize with what you’re going through.

    Just wanted to add a couple of suggestions to your article:

    Never rely on Fantastico or any other package manager to keep WordPress up to date. Subscribe to the official WordPress Developer Blog for the latest developments:

    http://wordpress.org/development/feed/

    Programs like WordPress are a hacker’s paradise. Wide installation base and more security holes than Swiss cheese (in unpatched versions).

    If you’re running WordPress, you may also be interested in these security tips:

    http://www.mattcutts.com/blog/three-tips-to-protect-your-wordpress-installation/

    and

    http://www.online-tech-tips.com/blogging/8-security-tips-and-guidelines-for-your-wordpress-blog/

    If you’re running a dedicated box and have a lot at stake I also recommend having Scan Alert – the makers of Hacker Safe – do a security audit: http://www.scanalert.com/

    Nothing thwarts hackers like a good firewall. Many hosts offer both hardware and software firewalls. Hardware firewalls are better because they can stop the hackers before they even get to your box.

    Last, but not least, if you’re running Amember, WordPress, PHPBB or any other web application with wide distribution you need Mod Security – http://www.modsecurity.org/ – Most attacks occur at the web application level and this application can prevent XSS attacks, SQL injection attacks and more. You can build your own rule sets for access and monitor unusual traffic patterns.

    Some of these solutions are free and some are paid, but if you have a lot on the line you can’t afford not to protect yourself.

    Best,

    Jeremy

  2. says

    I know the feeling of heart-breaking frustration. I lost my hard drive twice since November, because of an unscrupulous tech and viruses. Thank God I have been using Mozy Online Backups. They keep the backups on their server so I was able to restore my files, but what a pain. It takes time to restore all of the files – twice! I’m definitely looking into an external hard drive. I would like one that does back up automatically while keeping the file trees intact. Any suggestions?

    Thanks for the link to Affiliate Backup. This will be a great help too.

    To Jeremy Palmer: Appreciate the links you posted too. I’ve bookmarked them so that I can read them after leaving here.

    You can never be too safe! Believe me when I say, “It could happen to you!” I had all of my problems only a few months after signing up with Mozy, and had never had a problem for 7 years prior. I would have been completely wiped out if it wasn’t for taking the forethought to get everything backed up off of my PC.

    Thanks again Ros and Jeremy!

  3. Nathan says

    One of my colleagues recently pointed out that one of my blogs was hacked. Upon further investigation, I found out that 3 were hacked and I don’t know how it happened. I was lucky enough to wipe out the script that was installed using a restore, but I wouldn’t bet on that in the future. I’ve changed my passwords and I’m using the suggestions above to secure my blogs. I hope it doesn’t happen again. It didn’t do wonders for my blood pressure, that’s for sure.

    Nathan

  4. didier rutmann says

    I prefer to use an external company to check my website on a monthly basis for potential vulnerabilities and protect myself from hackers. I am pleased with a SaaS online scan; it provides good reports and is not too expensive, around $600 per year for a monthly check.

  5. chan bustamante says

    Hi. I am quite sure about this thing.
    I think I was being hacked by some people out there,
    and I don’t know what to do to escape from this hacker.

    thanks for that..

    from,
    chan

Disclosure: We are compensated for our reviews.