Are you browsing your site as usual, when you are suddenly invaded by a pop-up window that hijacks your screen and tells you that your site has been hacked? Are you panicking at the thought of losing your tool and all the fruit of your labor in one instant?
Do not panic, you are not the first site to experience this misadventure, on average, more than 30,000 new identifications of infected websites occur every day, 6,000 new known viruses every month! (according to Forbes)
All types of websites are concerned, the smallest as well as large commercial platforms. Don't worry, there are solutions. Let's see this...
The piracy of a website is often obvious and quickly recognized.
Modified site content:A large banner clearly stresses piracy, an unexplained pop-up appears when browsing, or even links to unknown and inappropriate external sites, either prominently displayed or, on the contrary, very discreet, depending on the hacker's tactics.
Defacing & Degradation:Most often via this type of hacking, the home page of the website is completely modified by hijacking the site to degrade its image, convey a message of protest or a political act (Hacktivism).
Lente réactivité abnormal of the website
The server has been blacklisted in known blacklist databases
Complaints from your host
Heavy traffic and unusual from your server or from unknown and/or foreign sources
Alerts from browsers that your site is dangerous or deceptive
Behind a hack always lies a malicious reason or purpose.
Envoyer du spam
Pour diffuser de la publicité et capter du trafic vers un site frauduleux externe
Phishing ou hameçonnage: obtenir des informations personnelles ou bancaires
Pour distribuer des malwares (virus)
Dégrader l'image d'un site et le vandaliser
Des motivations politiques et sociales, faire passer un message ou des revendications
Parce que c'était trop facile.
To deliver advertising and capture traffic to an external fraudulent site
Phishing or phishing: obtaining personal or banking information
To distribute malware (viruses)
Damage the image of a site and vandalize it
Political and social motivations, conveying a message or demands
Because it was too easy.
An important step when your website is compromised is to define the security breach that allowed the hacker to break in and take possession of your website.
Easy-to-crack simple passwords, weak password storage
Lack of security in administrator access: bad password, backoffice access easy to find or indexed in search engines
Hacked mailbox with easy access to CMS
Hacking via social networks
Configuration or security error (Framework, accessible APIs, etc.)
Latest Missing System Security Updates (Latest Security Patches)
No UpToDate CMS + CMS security patches.
Using insecure permissions
The first important thing at this stage is to define the source and the hacker’s means of intrusion. You can analyze the logs (event logs) of the administration tool or the application servers, the log file of your host contains all connection attempts and modifications made to your site.
Then reinstall the server operating system.
Restore from a clean, pre-attack backup of your website that you know hasn’t been corrupted.
Change access passwords!
As well as access to other applications using the same password as the hacked access or that of your mailbox if this is the source identified like the flaw.
You will then be able to report to Google that your site is now secure and that the hack is cleaned up.
After all this misadventure, the time and the efforts made to remedy this incident, it would be a shame to give the pirate a chance to start again!
Fix and remove the flaw used by the hacker to intrude into your website
Change host if the web server has been hacked and no solution has been found for this flaw
Perform regular backups and offsite backups.
Apply software and system security updates and patches installed on your servers
Apply CMS security updates when available.
Regularly check the logs (log files) to detect suspicious connection tests
Block all unnecessary ports that are not used on the server
Establish a strong and secure password policy using a secure password generator and manager
Modify your accesses with more complex passwords, activating two-factor authentication where possible and
Avoid using the same password for multiple apps
Frédéric Arleri CEO of MeilleurUtilitaire
"Availability, human connection, willingness to find a solution, follow-up"
Would you like to be accompanied to recover your infected website and clean it?
The best e-commerce open-source platforms