This is happening more and more often, to sites ranging from small businesses to large social networking portals.
Examples of recently hacked sites:
Also, a client had his site hacked by an employee who held the site to ransom.
The host, 123reg and the police were involved and both parties took the situation very seriously.
Most importantly, make sure your domain is LOCKED!
Domain locking allows you to lock a domain against transfers and nameserver changes. This prevents accidental changes to the important details of your domain name, as it will need to be unlocked (an easy process) before modifications will be accepted.
This is a registry lock. This means it won’t prevent transfers to another registrar, e.g. Network Solutions.
Is your domain locked? Ask your support about this; if it isn’t, they can lock your sites immediately and with little fuss. The embarrassment of pitching to a new client while your web site displays offensive ransom messages from a hacker team isn’t worth thinking about!
I have also had my site’s security breached, with a hacker leaving a spoof eBay site on my servers. I use DreamHost, and unfortunately a number of sites were hit by attacks due to insecure server firewalls, the hacker gaining access via FTP and static IP.
This is the message I received from eBay, who found the files and tracked them to my server:
We believe that your website has been compromised.
We recommend that you change your password for your web hosting accounts as soon as possible, and then remove the offending material.
If you have any logs or data files that could help us track down the perpetrator of this crime, we would appreciate it if you could forward that on to us.
It goes without saying: change your FTP passwords regularly, make a note to do housekeeping on your live servers, make sure you know what files are there, and remove (or back up locally) any files or directories that you don’t need.
If in any doubt, check your log files, which will show the activity of who has been visiting your site. They are valuable evidence for the police and for legal proceedings.
This is a friendly reminder that it does happen. Make sure you are covered and have a system in place for when it ‘does’ happen to you.