There are several reasons a site can be hacked, but the culprit we identify most often is an outdated extension. Updating extensions is critical because hackers can easily identify vulnerabilities in older versions, which are like a wide open back door to the site. If you’re using a Joomla site, it’s best practice to visit the Vulnerable Extensions List frequently. If you see an extension you’re using on this list, download and install the patches immediately. If no patches exist, disable the extension and find something to replace it.
Another reason we see sites hacked is because the site itself is an older version of the application, like Joomla 1.5 for example, which is no longer supported with security patches. We provide a managed hosting platform, which means we’ll update versions for you when a new STS (short term support) version becomes available. When a new LTS (long term support) version becomes available, it’s up to site administrators to upgrade on their own. It’s definitely best practice to stay current with the most recent version of your application.
We also see compromised administrator passwords. Hackers have the ability to run a few scripts to determine if you’re using a simple password like a name or birth date or if you’re using something generic like “admin” or “admin123”. You wouldn’t believe how many times we see people actually use the word “password” for their password. You also have to be careful about who you share the password with.
Even though we cannot scan your personal machine, we do encounter users whose computers has been infected with a virus, spyware, or malware. Attackers who use these surveillance or malicious softwares are looking for personal information that can be exploited and they’ve been known to steal passwords and sell them to other groups who want to attack your site. Be sure to check your your machine weekly with a reliable scanner. I recommend using Microsoft Security Essentials, a free program for Windows versions Vista, 7, 8 and 8.1. Linux and Mac users are not immune to attacks, and I recommend speaking with someone about how you can best secure your machine.
There are a number of steps that need to be taken to clean up a hacked website. If you’re unfamiliar with the items on this list, you can contact your web hosting provider for more assistance.
The suggestions we have for avoiding a hacked site in the future should be performed on a regular basis.
If all of this is a little intimidating, don’t panic. We offer a site sanitization service for any site hosted with CloudAccess.net. Our team of programmers and system administrators will clean an application and remove the hacked files and scripts for you. We’ll update the site and make it as secure as possible by taking preventative measures. Learn more about our Site Sanitization services.