Unfortunately, most website owners know what it’s like to have a site hacked – the panic, the rush to find anyone out there that can help, and the worry it causes. Maybe you were able to get your site back on track or had a company clean the site for you, but the important thing is that your site is finally safe, or so you thought.
Avoid Website Reinfections
There are many ways in which a site can become reinfected after a cleanup. It’s your responsibility to ensure instructions are followed for your site to stay clean. One of the most important steps to avoid reinfection is making sure all of your passwords are updated after a cleanup.
This is important because hackers might have stolen your old information already. Even though the site is malware-free, they can still use your old credentials (if not changed) to wreak more havoc. This will then lead to the process of reinfection. You will need to clean your website again and suffer one more time from the impacts of a hack, such as panic and a financial loss of business.
What’s worse than an infected site? A reinfected site.
When we ask that our customers change passwords on their site, I’m not sure most know the extent to which we mean. Changing only one password for one access point is not going to cut it. That’s like locking one door but leaving the rest wide open.
It’s important to know where those access points are and who is accessing them.
Secure Vulnerable Access Points
Please note that access points are all used to clean your site as well. If you’re having us clean your site under our Website Security Platforms, we will need these login credentials for remediation purposes.
1- Control Panel
Most hosts offer cPanel as a way to easily manage any website that’s being served with a web-based interface. Usually, you can get to the cPanel by typing in the web browser domain.com/cpanel or domain.com:2083. You can use cPanel to manage everything from email to website backups.
There are multiple user levels in a cPanel and it’s important to know who has access to each of those.
When changing passwords, you need to change every user account’s password, not just the admin account.
Get familiar with your cPanel if your host offers one and only allows access to people who really need it.
2 – FTP/SFTP
File Transfer Protocol (FTP) and Secure File Transfer Protocol (SFTP) allow for the transfer of files and access to the server for someone working on a separate computer via an FTP client such as FileZilla or Cyberduck. In order to connect, the following information is used:
- Host Server
You can create different FTP user accounts depending on the amount of access you need to give someone. You create the FTP accounts in the host or cPanel account typically in a section under the File Manager named FTP Accounts.
After the site is cleaned, you will need to assess each user and change each of those passwords individually.
A database is important to your site if you have a dynamic site that needs to be updated without user intervention. The database stores information regarding the content to be updated and will do so for you based on the web traffic.
If you have a DataBase Management System such as MySQL or Oracle then you will want to be sure to change these passwords after an infection.
The host provides a server so that your website can be available over the internet. It holds all the files for your site and typically offers an easy-to-use way of uploading files and making changes. Many hosts will offer a separate cPanel account, as mentioned above.
If you have a login portal directly to the host then you’ll want to remember to change that password and any level of account attached to it.
5 – Content Management System
Creating your site is very simple with a Content Management System (CMS) such as WordPress, Joomla!, Drupal, or Magento.
The ease of making a website betrays the fact that website security is not an easy task and doesn’t prepare you for that feat.
When a website is hacked, attackers often leave backdoors on your website that allow them access to your CMS. After that backdoor is removed, it’s possible those hackers still have the username and passwords for your account.
Along with all the other accounts that could possibly be compromised, assume your CMS has been taken over and defend your website.
If you have any issues finding the account types I mentioned above, check with your host. They tend to have detailed Knowledge Base articles on how to obtain account information. Your web developer will also be able to assist with these account types.
It’s very important that you change passwords every few months and make sure that your passwords are strong in order to secure the site properly even if it hasn’t been hacked recently.
We offer a complete Website Security Platform, containing three core functions: detection, protection, and response. If you would like to relax and not have to be concerned about your website security, let us take this responsibility off your shoulders.
This is a Security Bloggers Network syndicated blog post authored by Celise Davison. Read the original post at: Sucuri Blog