Just a few days ago (May 15, 2014) we saw the Rawalpindi Police website get hacked. As the premier hosting company in Pakistan, we strive to provide the best possible protection against such attacks, which is why we use secure application-level firewalls that stop these attacks in their tracks.
However, no matter how much security you implement at the server level, there is still a chance that the hacker exploits a vulnerability in the application itself, where server-side security cannot stop the attempt. If the application is vulnerable, the site may still get hacked regardless of the protection in place at the server end. It's like locking the front door of the house but leaving a window open for the thief to climb through.
So it is vital to understand the basics of how a website gets hacked in order to keep it secure. In this post I will list some of the methods hackers use to hack a website, along with tips for preventing each:
SQL Injection:
SQL injection is the most common type of hacking attack. I will not go into the technical details; you can read about SQL injection here.
Basically, if you are using a custom-developed CMS, e.g. one developed by you or your programmer, then the programmer should be asked to write the application so that it checks its inputs and prevents any type of SQL injection attack.
However, if you are using a popular CMS like WordPress or Joomla, make sure you are running the most recent version of the script, as an older version may contain an SQL injection vulnerability that has since been fixed. That is why WordPress releases new versions: they contain fixes for previously discovered vulnerabilities as well as new features.
So if your WordPress website gets hacked, the most likely reason is that you forgot to upgrade to the latest version and a malicious hacker used a vulnerability present in the older version to break in.
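To show what "checking inputs" in a custom CMS actually means, here is an added example (not code from the original post) in Python with SQLite: the first login function pastes user input straight into the SQL text, the second passes it as a bound parameter. The users table and its rows are constructed sample data.

```python
import sqlite3


def make_db():
    """Build an in-memory users table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("admin", "s3cr3t-example"), ("editor", "another-example")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """The pattern a custom CMS must avoid: input concatenated into the SQL.

    A password containing a quote character changes the query's structure,
    so the WHERE clause no longer means what the programmer intended.
    """
    sql = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    return [row[0] for row in conn.execute(sql)]


def login_safe(conn, username, password):
    """Hardened form: placeholders keep the input as data, never as SQL.

    The driver binds the values separately, so the query structure is fixed
    at write time and the same input is simply a password that does not match.
    """
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (username, password))]


if __name__ == "__main__":
    conn = make_db()
    # Constructed input containing a quote: a correct password is never needed
    # for the vulnerable query, while the safe query treats it as a literal.
    tampered = "' OR '1'='1"
    print("vulnerable:", login_vulnerable(conn, "admin", tampered))  # every user
    print("safe:      ", login_safe(conn, "admin", tampered))        # no match
    print("safe login:", login_safe(conn, "admin", "s3cr3t-example"))
```

The same rule applies to any language: in PHP, for example, the equivalent of `login_safe` is a prepared statement with bound parameters rather than a query string built by concatenation.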
Cross-site scripting
Cross-site scripting, or XSS, is another common type of attack; its technical details can be found here. The prevention is the same as described in the SQL injection section above.
Tricking the user to install an infected script as a theme or plugin
When installing a theme or plugin/module into your WordPress or Joomla installation, make sure that you are downloading it from a trusted source (e.g. a trusted website).
We have seen a lot of users install cracked themes or plugins to get a free copy of a paid script. What happens is that the person who cracked the script also inserted malicious code into it.
So when you install that theme or plugin, it also installs the malicious code, which the hacker later exploits to deface your website, use it to send spam, etc.
Using a keylogger or FTP password stealer on the user’s own system
This is somewhat similar to the above; however, in this case the hacker tricks the user into installing a trojan or virus called a keylogger on the user's local PC.
The keylogger then logs every key the user presses and later sends the log to the hacker. Once the hacker has your login details, they are free to access your account, modify code, etc.
To avoid this scenario, always install anti-virus/anti-spyware software on your local PC and keep it updated. Anti-spyware tools like Malwarebytes, Ad-Aware, and Spybot S&D are good for scanning your PC if you think you are infected.
Use of weak user/password combination for your control panel or CMS admin page
Recently we are seeing a lot of hackers using brute-force attacks against WordPress and Joomla sites. If you are using a simple user-id/password combination (e.g. UserID: admin and Password: 123456), the hacker can gain admin access to the website, ultimately resulting in the site being defaced or used for other malicious activity.
Hopefully these tips will help keep your website safe and secure. Our Unlimited Packages include real-time security scanners, so for a secure website simply order one of our Unlimited Packages.