Anytime I hear a customer say, “I went online and read that your hosting servers are hacked,” I think that a little misinformation on any subject can be very dangerous in the wrong hands, especially when found online. In actuality, the percentage of websites, compared to the total customer base, is less than 7%. There are several reasons website hacking happens, and very rarely is it because a server itself is “hacked” or compromised. This post is about educating yourself and taking simple, easy steps to protect your website(s) from being compromised. Benjamin Franklin said it best: “An ounce of prevention is worth a pound of cure.”
Here is a list of action items and why:
1. Do your own site-backups regularly!
This doesn’t prevent your site from actually being compromised, but it does prevent that hack from causing massive damage. If you can simply re-upload your site pre-hack, with all of your current files, then you probably will not experience the downtime and annoyance associated with restoring a compromised site.
Over the past weekend it was discovered that e107 had a major security vulnerability.
e107 is a CMS (content management system) that allows users to build websites using templates and to use an administration section to change content on their site.
The security vulnerability was located in a contact.php file that allowed a hacker to access your account and upload malicious files such as phishing sites, shell scripts, and/or viruses. You can read more about it here.
If you have an installation of e107, we are asking that you update to the latest version. We are here if you have any questions.
Unfortunately, it looks like e107's documentation wiki is down at the moment, but we found a great forum post on the topic with instructions for upgrading e107 to the latest version:
Contrary to common belief, domains are not stuck in the same place for life. Domains can be moved quite easily as long as you understand the process behind it and have a little patience.
The first thing to understand before starting a domain transfer is that it will not affect your site or DNS settings in any way. This means that when you transfer the domain, your site will not go down, but also that the name servers will not change.
There are all kinds of things that can happen to your website: hackers, expiration, deletion, your data center gets bombed (let’s hope that never happens!). So why wouldn’t you have a backup of it? Thankfully, after I walk through how easy it is, you won’t find yourself in that situation!
So first, you might want to think about organization. No one wants to have a ton of files scattered everywhere throughout their computer with no rhyme or reason behind it all. So here are my suggestions for keeping your backups organized:
1) Keep it all in one place! Make a folder, either on your desktop, in your documents, whatever, where you will commit to putting all of your backup files.
When you log in to your FTP account, before you are allowed in, the FTP daemon searches your home directory for a file called “ftp.allow” to see if your IP address is specifically allowed to log in. (To find out what your IP address is, go to http://www.whatismyip.com.) If the file is found and your IP address is permitted, no other checks are performed. If your IP address is not found in the list of allowed IPs, or the file is not found, the daemon searches for a file called “ftp.deny” to see if your IP address is specifically denied. If the IP address you’re connecting from matches one of the entries in ftp.deny (which can be ALL: ALL, which denies everything that was not already permitted), access will be denied with the message “530 User ‘username’ denied by access rules”. If the file is not found, or if your IP address doesn’t match anything, your access will be permitted. In addition, webshell access is always permitted (so you can modify ftp.allow and ftp.deny if you denied your own access by mistake).
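The check order described above, modelled in Python as an added example (not the FTP daemon's own code). It shows that an ftp.allow file on its own restricts nothing, because a missing ftp.deny falls through to "permitted". The `service: client` line format beyond `ALL: ALL`, the CIDR support and all function names are assumptions; the sample addresses are constructed.

```python
import ipaddress

PERMIT_ALLOW = "permitted by ftp.allow"
PERMIT_DEFAULT = "permitted by default"
DENY = "530 denied by access rules"

def parse_clients(text):
    """Return client patterns from assumed 'service: client' lines, or None if the file is missing."""
    if text is None:
        return None
    clients = []
    for line in text.splitlines():
        if ":" in line:
            clients.extend(line.split(":", 1)[1].split())
    return clients

def matches(ip, clients):
    """True if ip matches ALL, an exact address or a CIDR range (CIDR support is an assumption)."""
    addr = ipaddress.ip_address(ip)
    for pattern in clients:
        if pattern.upper() == "ALL":
            return True
        try:
            if addr in ipaddress.ip_network(pattern, strict=False):
                return True
        except ValueError:
            continue  # ignore patterns that are not addresses
    return False

def ftp_decision(ip, allow_text, deny_text):
    """Apply the documented order: ftp.allow first, then ftp.deny, otherwise permit."""
    allow = parse_clients(allow_text)
    if allow is not None and matches(ip, allow):
        return PERMIT_ALLOW          # no other checks are performed
    deny = parse_clients(deny_text)
    if deny is not None and matches(ip, deny):
        return DENY
    return PERMIT_DEFAULT            # file missing or no entry matched

# Constructed sample files: one trusted address, everything else denied.
ALLOW = "ALL: 203.0.113.7\n"
DENY_ALL = "ALL: ALL\n"

if __name__ == "__main__":
    for ip in ("203.0.113.7", "198.51.100.9"):
        print(ip, "with both files:", ftp_decision(ip, ALLOW, DENY_ALL))
    # Allow-list only: the unlisted address still gets in.
    print("198.51.100.9 with ftp.allow only:", ftp_decision("198.51.100.9", ALLOW, None))
```

To actually restrict FTP logins to listed addresses, both files are needed: the addresses in ftp.allow and `ALL: ALL` in ftp.deny.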