search
top
May 6, 2009 Posted by in Musings

Change Your Passwords Today!

Weak Passwords Unlock Your Site!Are your passwords cutesy and easy for you to remember because they are your name, hobby, nickname, dog or cat or kid’s name? Time to get serious about your passwords if you don’t want to have to go through the pain of your Web site being hacked because your passwords are “easy.”

Believe me, it is not a fun experience and you want to avoid this happening at all costs. In just the last month, one client was off-line for almost a month as the virus wrecked havoc with his site. It ate up his server’s resources to the point that we had to find another host and reinstall a completely clean version of the site. If you were to ask him about using a more difficult password to avoid all this — no doubt he would jump on that.

When your site gets hacked, you risk your site being blocked by Google when Googlebot detects the malicious code on your site. Google will then display a link that states “This site may harm your computer.” When potential site visitors click on your link in Google — they don’t get sent to your site, they get sent to a warning page. Lost business and reputations are at stake here.

At that point, all you can do is remedy the situation and contact Google when you have done uploaded clean files to they can review, confirm and then removed that warning message.

There are many reasons that can cause your site to be hacked. The most common reason is your FTP password has been bruteforced by hackers, and then malicious content has been uploaded.

This malicious content can be something as simple as a line or two of JavaScript and in many cases is located in the “index” file of the site or one of the site’s directories. If your site is giving off warnings that it is infected through your browser, logging in via FTP and looking at the file that was most recently modified, again usually an index file, will mostly likely be the culprit.

In most cases, there is no rhyme or reason as to which Web sites hackers choose to attack. All reputable hosts work very hard to keep their networks secure. The biggest limitation to security is customers setting weak, easy-to-remember passwords. These simple passwords are very easy to hack.

Here’s what you do:

  1. Make sure your local computer has up-to-date anti-virus and spyware protection. This will allow you to “see” any warnings your software may produce if you are hacked.
  2. Immediately change your FTP passwords to more secure passwords.

An example of a good password is something like: Uo*Zj9xgFdzJ
Don’t use any nicknames or any words that have to do with you at all. And make sure to use a combo of numbers as well as upper and lower case letters like in my example.

PCTools offers a password generating tool to help you come up with passwords that are not easy to hack.

Once your are sure your found all the add malicious code and restored the site with clean files, you will need to ask Google to review and confirm before they will remove that message.

And ultimately to be safe, change all your login passwords that have to do with your site. You cannot be too careful in this regard.

At your service,
Judith

No related posts.

Comments are closed.

top
Copyright© 1995-2012 WordPress Consultant: Judith Kallos | TheIStudio: P.O. Box 1074, Senatobia, MS 38668 | Theme by Elegant Themes