Many website owners are livid when their websites are defaced or hacked into and a message is put up by the hackers. The panic causes them to get angry and scared at the same time. Who could it be? Why me? How did they enter? What did I miss? Whose fault is it? are all common questions that come up when an incident occurs. This article discusses the possible reasons which caused your website to be compromised and how to deal with them.
Many website designers claim to know a lot about designing and website development, but simply know how to copy designs and layouts and make them fit in with your website. While trying to put in transitions and effects to your website elements, they most often copy code or boilerplate templates from free websites or previous projects. These code snippets have rarely been tested and no due diligence has been done to ensure their integrity. Many a time even prominent encoded malware is slipped into the code, which very few designers really understand.
Just like the design aspect, even many coders and programmers are known to lift code from various sample websites, to match the taste of their client. Little do they realize that they are exposing their work to direct threats which are constantly waiting for easy prey. Code for menu’s, slideshows, sidebars, contact forms and even chat applications could be laced with malicious code, which may either give control of the website and hosting account to an outsider or cause some automated scripts to run on the website. A client of ours was very surprised that all enquiries from his contact form were visible on a business forum. When he tested out the form, he realized that the form was auto-posting the results to the forum and suspected that the coder had played mischief. When he contacted the coder, the coder admitted to having used a free contact form script due to some special features. When a security professional inspected the code, he discovered that not only were the contacts being posted to the forum, but they were also being copied to an obscure email address.
All of us are drawn into template based systems, due to their quick setup turnaround time and ease of use. But many people don’t want to pay the template designers for their efforts and would prefer to buy pirated or nulled versions of the same paid templates. There is always a price for cutting corners and in this case, the price can be quite large. Those who distribute nulled versions for free often want some quid pro quo and add their own code or scripts to the templates, so that they also benefit from your using the template. Popup ads, banners, redirects, silent copying of your content and even mass mailing scripts are all part and parcel of using a stolen template.
The CMS System that you use also plays an important part in ensuring that your website content remains safe. Numerous vulnerabilities are found everyday across various open source and paid CMS systems. Not patching these vulnerabilities and not applying frequent updates to them increases your chances of being attacked by serial attackers who are specifically targeting your type of website system.
It is also possible that the systems of your Hosting Company is infected and the malware or virus is spreading through their network. Although the chances of this are low, this can be easily determined by inspecting the logs of the hosting account. If the damage was done through a super user, then it is necessary to get the entire server and network checked up.
More often than not, the website owner or webmaster or admin is at fault for doing or not doing something at the right time and right place. Setting permissions too loosely, using plan text passwords in code and even allowing users to upload to a system folder are all ways in which the admin is responsible for getting the website into trouble.