the various methods used by hackers to attack websites and divert
traffic to their advantage.
It is therefore necessary, from time to time, to check a number of
points on the server with an FTP client.
I present also some tools to detect most of malware.
"Hijackings, symptoms and solutions"
"Malicious script"
Once the attacker has reached to obtain the access code to your site,
you may expect a malicious script (a malware), hidden in one of your
pages, the homepage more often, thanks to an iframe tag.
Against this, visit the Google webmaster tools. This type of attack is
detected and displayed in the diagnosis section. It is also reported
in results by search engines, simply search for you own site.
"Robots.txt"
This file can be modified by a competitor. He will prevent robots from
search engines to index your pages!
It's easy to check it, type the URL of the robot from the browser:
http://www.xxxxxxxx.fr/robots.txt
There is only one robots.txt file (if any) and it is read at the root
of the site by crawlers.
"Cloaking"
This hideous name refers to the act of placing content invisible to
users, but seen by search engines. The goal is for a hacker to place
promotional links to a doubtful site, and it is very damaging for SEO
and the trust factor by Google and other engines.
The parade is to use the Link Checker at command line with the -v
option to display all external links or the Xenu Link Sleuth software.
".htaccess"
This configuration file of the Apache server is very powerful because
it gives full control on redirects and access to files.
An attacker can use it to redirect visitors to its own site. The
effect will be visible as a decline in traffic.
We can not verify it from the browser, use an FTP client (like
Filezilla) to retrieve the file locally and view its contents. It must
conform to the local copy or the copy provided by default with a CMS.
AdSense code replaced
The access to your pages also allows the attacker to replace the
Adsense code in the scripts of your own pages. You will see an
inevitable drop in income but if the attacker is smat, this may be
difficult to detect.
The script Adsense Checker can automatically check the AdSense code on
all pages of your site.
"Added scripts"
The hacker may add scripts or change existing scripts on your site.
The purpose of these malicious codes may be to use the site to send
mass spams, or collect bank information from users of a commercial
site.
Here again we have an open source PHP script to perform the checking:
Script Checker.
If you are using a CMS, you must have a local copy of the code of it,
downloaded from the author's site, to compare with the code online on
the site.
"Hacking DNS"
This can happen with dedicated hosting or on a shared server. It may
reditect a domain name to the IP of another site that was made to
imitate the original.
Here too the result will be immediately visible in the form of reduced
traffic, or drop in sales if the hacking is very selective.
You can make a report on the DNS with the online service DNS report.
"Conclusion"
Most hackings are simply detected by looking at the site. Others are
in the source code and require checkers to verify them.
In any case, when in doubt, a precautionary approach is required:
change the password ... Once the malware removed.
No comments:
Post a Comment
Confused? Feel free to ask
Your feedback is always appreciated. I will try to reply to your queries as soon as time allows.
Note:
Please do not spam Spam comments will be deleted immediately upon my review.