What are the Security parameters to avoid suspension of website?
Posted by on 29 October 2013 04:12 PM
Hacking attempts on websites are very common these days and generally happen due to exploitation of your ftp software due to a trojan on your network and also possible if you have installed any infected Open Source application. What happens is when you visit a site on the web which is already exploited, the site drops a trojan on your system which locates the ftp software on your system or your lan and connects to a remote server where the malicious code exist, your ftp software in the background connects to the attackers server uploads your index pages, over there the exploit is added and then the modified page is downloaded to your site and they start spreading the exploit.
What's the solution?
You have to scan all your PC's on the LAN using a software like Kaspersky or AVG and delete the passwords stored in the ftp software, change them and keep them safe to ensure that this exploit doesn't happen again.
First do a complete system scan/network pc then delete FTP user of the website, download the complete website Data at your local end and scan it with reliable antivirus (i.e. AVG network edition, Kaspersky) create a new FTP user and make sure that the password must be a combination of alpha-numeric password keep the password safe to ensure that this exploit doesn't happens again and re-upload the data on the server.
Note: Make sure your web code should not be vulnerable, regarding this you have to contact your web-developer.
Below are few important suggestions to avoid hacking of your website.
1. The most important thing to do is keep your passwords a secret. Do NOT share your passwords with others. Also, always choose strong password which should contain combination of special characters like #, $, combination of upper & lower case letters, numbers etc. Your password should be hard to remember.
2.You need to keep your local system up to date and make sure it is not affected with viruses, trojans, keyloggers, etc.
3. Keep your third party scripts and downloaded programs updated. Always upgrade to the latest version of your blog, forum, shopping cart, etc.
4. Avoid world writable file permissions. The correct permissions are normally 755 or 644. You can check these things in your File Manager. Most users know to avoid 777 permissions, but you really want to avoid any permission settings which allow Group and World writing.