Website hacking – how it happens and how to prevent it
This week has seen us repairing and upgrading some websites for clients that were unfortunate enough to have their sites hacked.
This can happen for a number of reasons, most common being that the content management software is out of date. Weak passwords can also let people gain access to your control panel. Exploits are constantly discovered and hackers run automated tools to find and target these security holes.
What can happen?
One site has had their payment gateways altered so that their checkout sends money to the hacker instead of the website owner. Another site started displaying a message about a software plugin update to site visitors, and if they click the ‘update’ button then dodgy software was installed on their computer.
We have also seen sites have their code altered to add links to dodgy websites. Security breaches like these can cost you money and harm your reputation with your potential customers or clients.
What can you do?
To prevent this kind of situation, regular updates are needed to your website software. WordPress is constantly updated with security patches and can be updated from the control panel. While it’s easy to press the update button, if you are running a custom theme or lots of plugins the updates can be incompatible with each other and cause strange behaviour. Taking a full backup of the website before updating is wise, just in case.
Shop systems like OpenCart are a bit trickier to update as they often don’t have an automatic update function. With many shops being heavily customised with extensions and custom themes the updates may have to be done manually.
We can also install a service like CodeGuard to your site that checks the site files and alerts you to any changed files.
If you’ve been the victim of a website hack we can help you repair and update your site. Call 01636 812551 or contact us for a quote.