Prevent Your Site from Being Hacked

Written by Paige Filler on June 27, 2008 – 4:55 pm -

A Growth Industry
Recently the number of sites being hacked or infiltrated has risen rapidly. We see a lot of distraught site owners who have had their sites damaged, experienced a loss of rankings, or had data stolen.

Use Protection
Although most good hosting companies will protect their servers (and usually your site to some degree) it’s important to understand that you are responsible for your own site.

Take this analogy: You can use the strongest safe in the world, but if you leave the door open and someone empties it, you can’t blame the safe manufacturer.

Hacked Huh?
Before we offer you some simple tips, it’s worth understanding a few basics about the different kinds of hacks, their purpose and how they can affect you.

We won’t go into detail at this stage, but the number of exploits and the number of different types are increasing. Some of the most common include XSS, SQL injections and defacing.

Staying up to date is a full time job, but like most types of crime, being prepared and protecting yourself should give you a better chance of weathering a storm should it happen.

So without further ado, here’s a basic primer on protecting your site from being hacked when it’s on shared hosting.

Simple Security Tips

1. Keeping Software Up to Date
If you are running old versions of software, chances are it’s insecure, so make sure you upgrade to the latest release. Most updates to software are security or functionality related, which means that if you aren’t running the latest version you are likely to have missed a few security fixes.

2. 3rd Party Scripts and Code
Plugins, widgets or any other code (including free templates and themes) you install are written by other people under unknown circumstances. Some may be great, some may be full of holes. Be sure to research any code you want to use that you didn’t write yourself. Even a few Google searches should help you find out how secure the code you are using is.

3. Your Own Fault
Your own computer is likely to be a weak link in the chain. It is one of the biggest causes of identity theft and an easy way for someone to get the details to your site(s). Whether it be from poisoned PowerPoint files or someone phishing your account details, the vulnerabilities are limitless. No matter how secure your site is, if the machine you access it from (including logging in, editing, etc.) is not secure, you stand a good risk of being compromised, and it may affect more than just your site.

Use virus scans, clear histories, secure your passwords and be aware of general security issues (try not to let your shiny new MacBook Air be stolen). Open and public Wi-Fi spots are an obvious security risk. If you give everyone access to your PIN number for your bank account, expect to be robbed.

4. Secure Passwords
A secure password goes a long way to slowing down a potential infiltrator (real ‘hackers’ do not tend to be people that destroy sites, but ethically search for security holes in technology). Put simply, passwords should always be a combination of letters and numbers, uppercase and lowercase. The longer the password, the better (though conversely, the longer it is, the harder it is to remember).

No dictionary words, no family names and no easily guessable information either.

You can also generate a random password which is even more secure.
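The rules above can be checked and a random password generated in a few lines. This is an added example, not part of the original post; the 12-character minimum and the function names are assumptions, and the generator uses Python's `secrets` module (the operating system's cryptographic random source) rather than `random`.

```python
import secrets
import string

ALPHABET = string.ascii_letters + string.digits
MIN_LENGTH = 12  # assumed minimum; the post only says longer is better


def policy_problems(password, banned_words=()):
    """Return the list of the post's password rules that a password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    # banned_words: dictionary words, family names, site name, and so on.
    lowered = password.lower()
    for word in banned_words:
        if word and word.lower() in lowered:
            problems.append("contains banned word: " + word)
    return problems


def generate_password(length=16):
    """Draw from the OS CSPRNG until every character class is present."""
    if length < MIN_LENGTH:
        raise ValueError("length is below MIN_LENGTH")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not policy_problems(candidate):
            return candidate


if __name__ == "__main__":
    print(policy_problems("Summer2008", banned_words=["summer"]))
    print(generate_password())
```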

5. Checking Your Logs Regularly
Without watching who is visiting your site, what you are ranking for and similar, you could be compromised and never even know it.

If you spot any unusual traffic (ranking for gambling, pharmaceuticals and sex terms is a common one) try working out where it is coming from / going to. From there if you are sure it is a hack you can get some quick help. (Send us a message, we’ll do what we can).
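One way to run this check over an Apache access log, as an added example that is not part of the original post: it reads combined-format lines, pulls the search phrase out of each referrer, and reports which of your pages are receiving visitors for spam terms, along with the client IPs. The watch list, function names and sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Apache "combined" log line: client IP, request path and referrer are captured.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" '
    r'\d{3} \S+ "(?P<referrer>[^"]*)" "[^"]*"'
)
# Assumed watch list for the categories named in the post; extend it for your site.
SPAM_TERMS = {"casino", "poker", "viagra", "cialis", "pharmacy", "porn"}
# Query keys that carry the search phrase (q: Google, p: Yahoo).
QUERY_KEYS = ("q", "p")


def search_words(referrer):
    """Return the lower-cased words of the search phrase in a referrer URL."""
    query = parse_qs(urlsplit(referrer).query)
    words = []
    for key in QUERY_KEYS:
        for phrase in query.get(key, []):
            words.extend(re.findall(r"[a-z0-9]+", phrase.lower()))
    return words


def suspicious_hits(lines):
    """Map each landing path to the spam terms and client IPs that reached it."""
    report = defaultdict(lambda: {"terms": set(), "ips": set(), "hits": 0})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        found = SPAM_TERMS.intersection(search_words(m["referrer"]))
        if found:
            entry = report[m["path"]]
            entry["terms"] |= found
            entry["ips"].add(m["ip"])
            entry["hits"] += 1
    return dict(report)


# Constructed sample log (documentation IP ranges, made-up paths).
SAMPLE_LOG = [
    '203.0.113.7 - - [27/Jun/2008:16:55:01 -0500] "GET /index.php HTTP/1.1" 200 5123 '
    '"http://www.google.com/search?q=web+hosting+tips" "Mozilla/5.0"',
    '198.51.100.23 - - [27/Jun/2008:16:56:12 -0500] "GET /blog/archive.php?p=17 HTTP/1.1" '
    '200 20480 "http://www.google.com/search?q=cheap+viagra+online" "Mozilla/5.0"',
    '198.51.100.40 - - [27/Jun/2008:16:57:40 -0500] "GET /blog/archive.php?p=17 HTTP/1.1" '
    '200 20480 "http://search.yahoo.com/search?p=online+casino+bonus" "Mozilla/4.0"',
    '192.0.2.99 - - [27/Jun/2008:16:58:02 -0500] "GET /about.html HTTP/1.1" 200 1834 '
    '"-" "Mozilla/5.0"',
    'this is not a log line',
]

if __name__ == "__main__":
    for path, info in suspicious_hits(SAMPLE_LOG).items():
        print(path, info["hits"], sorted(info["terms"]), sorted(info["ips"]))
```

A page that keeps showing up in this report is the first place to look for injected links or hidden text, and the listed IPs belong with the records kept for tip 7.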

6. Outsource a Little Prevention
Using high quality software, a good coder (one who is security aware), hiring a professional security agency or using an automated method like the Firewall script or Hacker safe will help to reduce your risk. What you outsource depends on your needs (and resources of course).

7. Backup, Backup, Backup and Then Backup Some More
While this tip won’t protect you from being hacked, it will be very beneficial to you should it happen.

Send copies of your backup to your Gmail, and auto forward them to your Yahoo Mail. Download copies to tape, your MP3 player or iPhone; it doesn’t really matter. What does matter is that in the case of a hack there will be a couple of things you want.
a. Records of IPs accessing your site.
b. A clean (pre-hack) backup of your site (hopefully including the latest updates).

Here is an easy DIY way to back up your whole site with cPanel.

If you use Hostgator then you’ve already got weekly offsite backups and they will restore your site(s) at no charge should it become compromised or “cracked/hacked”.

8. Don’t Put All Your Eggs in One Basket
Site hacking, search engine rankings, DoS, account closures, viruses: there is a whole list of reasons your site may suffer in some way. With hosting being so cheap, grab yourself a multiple site (reseller) account and spread that risk. You can even have your sites hosted on different C Class IPs.

9. Learn MORE
Nothing beats knowledge. The more you know the easier it becomes to spot problems (not just hacks) and resolve them. So, kick back, grab a soda and start reading (it could be worth more in the end than all of the search news and blogging tips you have in your RSS feed).

Here are a couple of useful starting points and interesting articles to check out.
Trend Micro
Apache Security
MySQL Security
Security Focus
ha.ckers.org
Tips to Protect Your Wordpress Installation
How Wordpress Blogs are Hacked

10. Find Yourself a Gator
We take our security very seriously; there is nothing worse than seeing all of your hard work being destroyed. If your site is hosted with us and you think you may have been hacked, click the chat link (top of the page), and contact us anytime to let us know. Not only will you be looking out for the other sites sharing your server, but you give us a better chance to recover your site. Even if your site is not hosted with us, we’ll do what we can to help; we’re just like that.

11. Bonus - Be Careful of the Company You Keep
Anyone with enough time, an Internet connection and some intelligence can find ways to cause you problems online.

Revealing too much, boasting or insulting others online is a good way to attract the wrong kind of attention. In the real world, having fewer enemies just makes life easier.

Until Next Time…
This is the first in a series of posts that should help your site sing even on the darkest of days, there’s nothing we want more than for you to wake up safe and decide to build another new site.

The least we can do is try and make that as easy as possible.


Posted in Web and Hosting Tips | 7 Comments »

Dedicated Server Sale

Written by Tin Pham on June 25, 2008 – 9:18 am -

We are happy to announce that we are having a sale on a batch of servers that we had leftover. Some of you may remember these servers being our former Pro Dedicated offering. For those who are not familiar with these former Pro Dedicated specifications:

Processor: Intel Xeon Conroe 3060 server @ 2.4Ghz

Memory: 4GB DDR2

Hard Disk: 4 x 500GB SATA under RAID-10 configuration.

Monthly Bandwidth: 2,500GB @ 10mbps

IP Addresses: 10

OS: CentOS 4.6

Control Panel: cPanel/WHM 11 with Fantastico included.

Pricing: $350 per Month.

This is a great solution for those needing a high performance server with large data storage with redundancy. Under the RAID-10 configuration, risk of data loss would be minimized as the information is mirrored throughout all 4 hard drives. In case a hard drive fails, copies of your data should be stored on the remaining 3 hard drives. At the price of $350 per month, this server definitely provides the most bang for your buck.

This was a very popular dedicated solution when it debuted as our Pro Dedicated package, and we are very excited to be able to offer these servers to you once again. Please keep in mind that stock is limited and once we sell out, this offer will not be available for quite some time.

If you are interested in this offer, please email us at sales@hostgator.com and address it to the attention of our Dedicated Sales Department.


Posted in Promotions | No Comments »

Hostgator for Humanity

Written by fmerrill on May 23, 2008 – 3:17 pm -

That’s right, the folding@home hostgator.com team is a reality and we’ve broken into the top 1,000 ranked teams!

Although we’ve kept this fairly low profile on our forum post here, we do have a large amount of users starting to come on board, so I’d like to present something a hosting company is doing to better the world.

The Folding@Home project by Stanford University is a distributed computing project used to create one of the largest supercomputers in the world. The client has long been used both as a metric to measure processor and machine efficiency and to help the cause. The project is distributed much in the way Seti@Home was, however, with a more direct human goal.

hostgator.com folding@home

Just in case you’re wondering, “what is protein folding and why does this matter to me?”: the Folding@Home project simulates complex mathematical formulas about how these proteins fold, unfold, and misfold, with the goal to hopefully one day learn better how many well known diseases, such as Alzheimer’s, Mad Cow (BSE), CJD, ALS, Huntington’s, Parkinson’s disease, and many cancers and cancer-related syndromes actually work and occur. Results? Darn right! The project has already come up with a number of notable scientific results and, with our help and yours, continues to go somewhere tangible, as you can see at Stanford’s whitepage papers.

As for how this all came about: I was first introduced to the project when I was looking for something better to do with my spare CPU cycles than let them idle. A lot of people are worried that clients like this will hog CPU, but the beauty of this software is it scales and re-nices itself so well, so you can be running it and it will use a defined amount of CPU at all times, but when any other process needs the CPU it will throttle itself. You can literally play high end games with the client running, as it will just scale back.

I really began to get involved in the project when I picked up a PS3. I wanted to put the powerful Cell processor through its paces so I immediately downloaded the client and started running work units. Now, as an administrator here I began thinking how helpful it could be if some of the machines we have that idle certain days of the week at HostGator were to fold in the background while the machine was not in use. NAS boxes were the perfect solution, and now we’re about to break the 1,000,000 point milestone.

So, do you want to help humanity and have a chance at free hosting? Well help us out and we’ll help you! Here’s what to do:

  1. Go to http://folding.stanford.edu/ and download the appropriate client for your operating system, and if you have a dual or quad core make sure you get the High Performance SMP client. (If you have a PS3 you can install it directly from the PS3 crossbar interface)
  2. Install folding@home and use team number 122600. You can enter anything for your Donor name, but we would prefer you use your forum name (or your wordpress login name) so we can better contact you for your prize.
  3. Start folding and leave it running. Don’t be surprised if it takes a while for you to start getting work units (these things are huge), the more machines you have it running on and the faster the machines, the quicker you will break milestones.

Prize Details
Prizes will be calculated by contributions to the team based on performance. The deadline to see who can get the most milestones will be on 07/01/2008. At that time the winner will need to claim the prize by emailing sales@hostgator.com with their donor name.

1. GRAND PRIZE (1 winner)
The top contributor who contributes the most points to the team will get a free year of hosting on our Aluminum reseller plan or equivalent in credit to existing HostGator plan if already a customer.

2. FIRST PRIZE (1 winner)
Runner up will receive a free year of hosting on our Swamp hosting plan (or equivalent).

3. SECOND PRIZES (8 winners)
Following 8 runners up will receive 6 months of free hosting on the Baby hosting plan (or equivalent)

I’d like to extend a special thanks to every team member both from our employee pool and some of our very active forum members and customers currently active (over 345 active CPU’s) and especially to both our owner Brent Oxley and our CTO David Collins for allowing me to run this on each and every one of our network backup servers to create a huge grid.

Statistics links:

Python Driven Stats

Quick stats

Kakao Stats


Posted in Gator Goodness, World Gator | 4 Comments »

iphone “to break or not to break” applications

Written by Justin G on March 21, 2008 – 12:31 pm -

A lot of people from the get go thought the iphone was a piece of junk, while others thought it was the best thing since sliced bread. Everyone has their opinions about iphone vs Nokia just like Mac vs. PC. So moving on then…

Since Mr. Steve Jobs had announced that there would be an SDK (software development kit) for the iphone, a lot of people have really been excited. Now that over 100,000 people have downloaded the developers kit, what’s next?

How many people will really switch over from having an unlocked iphone that can run tons of free applications to go legit with Apple and pay a fee for every application? The reason I even ask that is because the current developers kit doesn’t allow for 3rd party music applications. Isn’t music what people would likely use their iphone most for? Or would it be games?

It seems that Apple has decided to do things this way so sales on itunes are not hurt, but there will be an effect with upcoming players like Amazon music as well as Emusic which have compatible DRM free music for the iphone. Will Apple lose some ground with their Itunes music downloads?

One thing is for sure, and that is that Apple will continue governing and restricting their own products and applications like they have been for a while. I think the mentality of Apple, which seems to be ‘we control the product even after you buy it’ for all consumers, is getting a bit old. The thing is that the larger Apple gets, and the more popularity that grows for Apple products, the hacking, cracking and unlocking will only continue to grow with it.

Will people be willing to blow their money on new applications approved by Apple, and made by the developer that had to pay $99 to publish that application? That’s right, you have to pay 1 dollar short of 100 to even be able to deploy your application if you’re a developer, and then if you are a consumer you can buy those applications straight off your iphone for a price, which Apple and the developer split for profit. This whole thing with new applications for the iphone has dropped from a hot boil to a mild simmer, and until Apple comes up with a better plan I’m going to have to say that the majority of people are going to go the free route.

Here below is just a little rundown of some of the FREE unlocked iphone applications that actually have some value. I’m not personally promoting them, but the fact is that they exist and Apple can’t stop it.

SSH For iphone - How to setup and install SSH for iphone.

MobileTerminal-vt100 - A Terminal emulator for the iPhone.

MobileTextEdit - Allows you to edit .txt files within mobilefinder.

Izoho - Full office suite to create edit and more.

Ruby on iphone - An iPhone Ruby interpreter which includes supporting libraries.

Stumbler Wifi Networks Locator - Lets you find wireless networks in your area.

BSD Subsystem - Unix Tools for the iphone.

Iphone Python - An iPhone Python interpreter including libraries.

Mobile Scrobbler - Lets you play music from Last.fm

NES Emulator - Play old school Nintendo games.

Ishare - Works with a Sendspace account to upload and download files.

Swapmusiclibrary - Allows you to sync with another PC without erasing.

Genesis4iphone - Lets you play Sonic and other Sega games.

Navizon GPS - GPS for the iphone.

TouchPadPro - Control your PC or Mac with Your iphone.

RocketShotz - Adds Icons So you never have to Type a Favorite URL to Browse.

Ispit - Acts as an http Server that runs from your iphone.

Funiculus - Guitar Tuner for iphone.

MobileChat - Instant messenger with all the extras.

Ifob - Social Networking application worth using.

iPhlickr - Easy way to browse Flickr Pics.

Expense View - Keep track of finances.

iPhoneDigg - For all the fanatical Diggers.

iPhoneTravel - Easy way to book flights and car rentals.

goMovies - Easy view of movie shows and times.

Google Reader - Clean and easy to use RSS for the iphone.

Iactu - Displays headlines from multiple newspapers.


Posted in Around the Web | 8 Comments »

Windows Dedicated Web Hosting

Written by Justin on January 18, 2008 – 5:28 pm -

Ok folks, I know you have been waiting for a while, and I have had a lot of you ask me when the new Windows hosting will be available. Well, I am happy to let you know that now you can purchase a Windows dedicated server. First I want to say this is just the beginning of what we will be offering for Windows hosting, so stay tuned for further announcements.

So what does having your own Dedicated Windows Server offer you? You will receive the latest Plesk 8 interface for setting up your website, email etc… The Windows environment will allow you to use ASP. You can choose which version will best fit your needs along with your choice of MSSQL, MySQL, and Access database connections which will be available at all times for you to create and take advantage of simultaneously.

Do you need a server fast? Your Windows server will be provisioned, secured and delivered within 24 hours of purchase, and we will provide you with monthly server management at no additional cost.

So I have given you the scoop, and now I am offering the first 5 people that purchase a Windows dedicated server from reading this blog a $100 discount on your first month purchase. In order to receive this discount you must email me at jgarcia(at)hostgator.com.

This is a first come, first served deal and this discount may NOT be combined with other offers, so if you want to get your first month at a reduced price you better act quickly before it’s over. I will give anyone who emails me for this deal a 24 hour window to complete the purchase, then I will offer it to the next person in line.


Posted in Promotions | 9 Comments »