Friday, December 15, 2017
Last week on #NoHacked, we have shared on hack detection and the reasons why you might get hacked. This week we focus on prevention and here are some tips for you!
Top ways websites get hacked by spammers:
Understanding how your site was compromised is an important part of protecting your site from attacks, here some top ways that sites get compromised by spammers.
Be mindful of your sources! Be very careful of a premium theme/plugin that's available without payment
You probably have heard about premium plugins that are available without payment. If you've ever stumbled upon a site offering you plugins you normally have to purchase for free, be very careful. Many hackers lure you in by copying a popular plugin and then add backdoors or malware that will allow them to access your site. Read more about a similar case on the Sucuri blog. Additionally, even legit good quality plugins and themes can become dangerous if:
- you do not update them as soon as a new version becomes available
- the developer of said theme or plugin does not update them, and they become old over time
In any case, keeping all your site's software modern and updated is essential in keeping hackers out of your website.
Botnet in WordPress
A botnet is a cluster of machines, devices, or websites under the control of a third party often used to commit malicious acts, such as operating spam campaigns, clickbots, or DDoS. It's difficult to detect if your site has been infected by a botnet because there are often no specific changes to your site. However, your site's reputation, resources, and data are at risk if your site is in a botnet. Learn more about botnets, how to detect them, and how they can affect your site at Botnet in WordPress and Joomla article.
As usual if you have any questions post on our Webmaster Help Forums for help from the friendly community and see you next week!