How do they get in?
It’s not an individual person that does this but rather it’s a script/robot looking for known software vulnerabilities and running password cracks. They haven't specifically chosen your website or anything sinister like that, it’s more in line with a common burglary - these people are thieves.
What happens to my website if it is hacked?
What typically happens is that the hackers take over the website by hiding a few lines of code across a few thousand files that make up the website software. Once they have taken over, their objective is to divert traffic to some of their paying clients. Typically these clients are a range of illegal organisations, online gambling websites, investment schemes or pornography sites.
Once we are aware that the website has been taken over by hackers we have to shut the website down as the first step. This avoids anyone else's website be contaminated. Often we are able to set up a temp page with your contact details. The website then needs to be upgraded to the lastest version of the software and some areas re-built to ensure the hackers have been removed.
What can you do?
By keeping your website and server software updated, this helps to reduce the risk of known issues. Another natural protection we have found, is by using less popular website software. WordPress is one of the most popular global platforms and the hackers are very aware of how it works, Joomla is also a global brand, whereas SilverStripe is a New Zealand product so less known globally. It’s security through obscurity.
What we can do to help!
First up, if you ever believe that your website has been hacked by an external party, get in touch with us so we can resolve the issue as quickly as possibly.
Free website security review
We are offering FREE website security reviews for our current clients. This includes a review of current software version, the known risks and our recommendations.
Service Level Agreement
We recommend a service agreement and maintenance plan to help budget for upgrades and be more proactive with the website maintenance.
Off-site website backups (free with a service agreement)
The reason these are important is it offers protection for your content if your live website becomes infected. Every week a copy of your website (files and database) is saved away from the server. We keep these for up to a year so that if you need to roll back to an older version you have options. Pricing from $40 per month or free with a service agreement.
If you have any questions please get in touch with us and we'll help you work through any issues.