Monday, November 7, 2011

Server Website Risks of Hacking For a Website

Risks of Hacking For a Website

by on in ,
Hijackings, symptoms and solutions
Malicious script
Once the attacker has reached to obtain the access code to your site, you may expect a malicious script (a malware), hidden in one of your pages, the homepage more often, thanks to an iframe tag.

Against this, visit the Google webmaster tools. This type of attack is detected and displayed in the diagnosis section. It is also reported in results by search engines, simply search for you own site.

Robots.txt
This file can be modified by a competitor. He will prevent robots from search engines to index your pages!
It's easy to check it, type the URL of the robot from the browser:
http://www.xxxxxxxx.fr/robots.txt
There is only one robots.txt file (if any) and it is read at the root of the site by crawlers.

Cloaking
This hideous name refers to the act of placing content invisible to users, but seen by search engines. The goal is for a hacker to place promotional links to a doubtful site, and it is very damaging for SEO and the trust factor by Google and other engines.

The parade is to use the Link Checker at command line with the -v option to display all external links or the Xenu Link Sleuth software.

.htaccess
This configuration file of the Apache server is very powerful because it gives full control on redirects and access to files.
An attacker can use it to redirect visitors to its own site. The effect will be visible as a decline in traffic.
We can not verify it from the browser, use an FTP client (like Filezilla) to retrieve the file locally and view its contents. It must conform to the local copy or the copy provided by default with a CMS.

AdSense code replaced
The access to your pages also allows the attacker to replace the Adsense code in the scripts of your own pages. You will see an inevitable drop in income but if the attacker is smat, this may be difficult to detect.
The script Adsense Checker can automatically check the AdSense code on all pages of your site.

Added scripts
The hacker may add scripts or change existing scripts on your site. The purpose of these malicious codes may be to use the site to send mass spams, or collect bank information from users of a commercial site.
Here again we have an open source PHP script to perform the checking: Script Checker.
If you are using a CMS, you must have a local copy of the code of it, downloaded from the author's site, to compare with the code online on the site.

Hacking DNS
This can happen with dedicated hosting or on a shared server. It may reditect a domain name to the IP of another site that was made to imitate the original.
Here too the result will be immediately visible in the form of reduced traffic, or drop in sales if the hacking is very selective.
You can make a report on the DNS with the online service DNS report.

Conclusion
Most hackings are simply detected by looking at the site. Others are in the source code and require checkers to verify them.
In any case, when in doubt, a precautionary approach is required: change the password ... Once the malware removed...
By at
Labels: ,

No comments:

Post a Comment

Confused? Feel free to ask

Your feedback is always appreciated. I will try to reply to your queries as soon as time allows.

Note:
Please do not spam Spam comments will be deleted immediately upon my review.

Subscribe to: Post Comments (Atom)