What is website defacing and how to deal with it?
My site is hacked! – this is one of the most difficult questions for a customer support team to answer. The most common website attack is Defacing . When a site is being defaced, its home page is changed to something else, usually announcing that this site is hacked by someone. While this is the most noticeable website attack type, it is also the easiest to deal with – a simple backup restore procedure will do the trick. If you have a copy of the home page, this will also help. Sometimes, it’s also possible to simply remove the responsible HTML code. A more sophisticated form of defacing will extend not only to the home page, but to several other pages as well. Sometimes, the hacker goes so far as to put a code, which will open an HTML frame, leading to a remote content hosted on another server. In order for someone to “deface” your site, they will need access to your account – such can be gained in several ways – via brute force or dictionary attacks on your administrative login page, SQL injections, XSS attacks or, most trivially, after hacking your email account where your account password is kept. There are several ways to protect yourself against such attacks:
- Choose stronger passwords – this has been said many times, but it’s vital – the easiest way for someone to gain access to your site is via a brute force attack, which will try to guess your password or username, generating random characters. This means that the more complex your password is, the harder it will be for someone to hack your site. To prove my point I’ll mention that there’s even a Firefox extension, which allows anyone to launch a brute force attack from their browser!
- Keep your code updated – if you are using a CMS system, make sure that you are running the latest version possible. This also applies to any plugins you are using.
- Always keep a backup – make sure that you keep a backup of your site on your home computer, just in case. Keep this backup as fresh as possible.