Prevent Your Site from Being Hacked
Written by Paige Filler on June 27, 2008 – 4:55 pm -A Growth Industry
Recently the number of sites being hacked or infiltrated has risen rapidly. We see a lot of distraught site owners who have had their sites damaged, experienced a loss of rankings, or had data stolen.
Use Protection
Although most good hosting companies will protect their servers (and usually your site to some degree) it’s important to understand that you are responsible for your own site.
Take this analogy: You can use the strongest safe in the world, but if you leave the door open and someone empties it, you can’t blame the safe manufacturer.
Hacked Huh?
Before we offer you some simple tips, it’s worth understanding a few basics about the different kinds of hacks, their purpose and how they can affect you.
We won’t go into detail at this stage, but the number of exploits and the number of different types are increasing. Some of the most common include: XSS, SQL Injections and defacing
Staying up to date is a full time job, but like most types of crime, being prepared and protecting yourself should give you a better chance of weathering a storm should it happen.
So without further ado, here’s a basic primer on protecting your site from being hacked when it’s on shared hosting.
Simple Security Tips
1. Keeping Software Up to Date
If you are running old versions of software chances are it’s insecure, make sure you upgrade to the latest release. Most updates to software are security or functionality related, which means if you aren’t running the latest version you are likely to have missed a few security fixes.
2. 3rd Party Scripts and Code
Plugins, widgets or any other code (including free templates and themes) you install are written by other people under unknown circumstances. Some may be great, some may be full of holes. Be sure to research any code you want to use that you didn’t write yourself. Even a few Google searches should help you find out how secure the code you are using is.
3. Your Own Fault
One of the biggest causes of Identity theft and an easy way for someone to get details to your site(s). Your own computer is likely to be a weak link in the chain. Whether it be from poisoned powerpoint files or someone phishing your account details, the vulnerabilities are limitless. No matter how secure your site is, if the machine you access it from (including logging in and editing etc.) is not secure you stand a good risk of being compromised and it may affect more than just your site.
Use virus scans, clear histories, secure your passwords and be aware of general security issues (try not to let your shiny new MacBook air be stolen). Open and Public wifi spots are an obvious security risk. If you give everyone access to your PIN number for your bank account, expect to be robbed.
4. Secure Passwords
A secure password goes a long way to slowing down a potential infiltrator (real ‘hackers’ do not tend to be people that destroy sites, but ethically search for security holes in technology). Put simply passwords should always be a combination of letters and numbers, uppercase and lowercase. The longer the password, the better (though conversely the longer it is the harder it is to remember).
No dictionary words, no family names and no easily guess-able information either.
You can also generate a random password which is even more secure.
5. Checking Your Logs Regularly
Without watching who is visiting your site, what you are ranking for and similar you could be compromised and never even know it.
If you spot any unusual traffic (ranking for gambling, pharmaceuticals and sex terms is a common one) try working out where it is coming from / going to. From there if you are sure it is a hack you can get some quick help. (Send us a message, we’ll do what we can).
6. Outsource a Little Prevention
Using high quality software, a good coder (one who is security aware), hiring a professional security agency or using an automated method like the Firewall script or Hacker safe will help to reduce your risk. What you outsource depends on your needs (and resources of course).
7. Backup, Backup, Backup and Then Backup Some More
While this tip won’t protect you from being hacked, it will be very beneficial to you should it happen.
Send copies of your backup to your gmail, and auto forward them to your yahoo mail. Download copies to tape, your MP3 player or Iphone, it doesn’t really matter. What does matter is that in the case of a hack there will be a couple of things you want.
a. Records of IPs accessing your site.
b. A clean (pre hack) backup of your site (hopefully, including the latest updates)
Here is an easy DIY way to back up your whole site with cPanel.
If you use Hostgator then you’ve already got weekly offsite backups and they will restore your site(s) at no charge should it does become compromised or “cracked/ hacked”.
8. Don’t Put All Your Eggs in One Basket
Site hacking, Search engine rankings, DOS, account closures, viruses, there are a whole list of reasons your site may suffer in some way. With hosting being so cheap, grab yourself a multiple site (reseller) account and spread that risk. You can even have your sites hosted on different C Class IPs.
9. Learn MORE
Nothing beats knowledge. The more you know the easier it becomes to spot problems (not just hacks) and resolve them. So, kick back, grab a soda and start reading (it could be worth more in the end than all of the search news and blogging tips you have in your RSS feed).
Here’s a couple of useful starting points and interesting articles to checkout.
Trend Micro
Apache Security
MySQL Security
Security Focus
ha.ckers.org
Tips to Protect Your Wordpress Installation
How Wordpress Blogs are Hacked
10. Find Yourself a Gator
We take our security very seriously, there is nothing worse than seeing all of your hard work being destroyed. If your site is hosted with us and you think you may have been hacked, click the chat link (top of the page), and contact us anytime to let us know. Not only will you be looking out for the other sites sharing your server, but you give us a better chance to recover your site. Even if your site is not hosted with us, we’ll do what we can to help, we’re just like that.
11. Bonus - Be Careful of the Company You Keep
Anyone with enough time, an Internet connection and some intelligence can find ways to cause you problems online.
Revealing too much, boasting or insulting others online is a good way to attract the wrong kind of attention. In the real world, having fewer enemies just makes life easier.
Until Next Time…
This is the first in a series of posts that should help your site sing even on the darkest of days, there’s nothing we want more than for you to wake up safe and decide to build another new site.
The least we can do is try and make that as easy as possible.
Posted in Web and Hosting Tips | 7 Comments »
Dedicated Server Sale
Written by Tin Pham on June 25, 2008 – 9:18 am -We are happy to announce that we are having a sale on a batch of servers that we had leftover. Some of you may remember these servers being our former Pro Dedicated offering. For those who are not familiar with these former Pro Dedicated specifications:
Processor: Intel Xeon Conroe 3060 server @ 2.4Ghz
Memory: 4GB DDR2
Hard Disk: 4 x 500GB SATA under RAID-10 configuration.
Monthly Bandwidth: 2,500GB @ 10mbps
IP Addresses: 10
OS: CentOS 4.6
Control Panel: cPanel/WHM 11 with Fantastico included.
Pricing: $350 per Month.
This is a great solution for those needing a high performance server with large data storage with redundancy. Under the RAID-10 configuration, risk of data loss would be minimized as the information is mirrored throughout all 4 hard drives. In case a hard drive fails, copies of your data should be stored on the remaining 3 hard drives. At the price of $350 per month, this server definitely provides the most bang for your buck.
This was a very popular dedicated solution when it debuted as our Pro Dedicated package, and we are very excited to be able to offer these servers to you once again. Please keep in mind that stock is limited and once we sell out, this offer will not be available for quite some time.
If you are interested in this offer, please email us at sales@hostgator.com and put it in attention to our Dedicated Sales Department.
Tags: Dedicated Servers, Promotion, Sale
Posted in Promotions | No Comments »
Hostgator for Humanity
Written by fmerrill on May 23, 2008 – 3:17 pm -That’s right, the folding@home hostgator.com team is a reality and we’ve broken into the top 1,000 ranked teams!
Although we’ve kept this fairly low profile on our forum post here , we do have a large amount of users starting to come on board, so I’d like to present something a hosting company is doing to better the world.
The Folding@Home project by Stanford University is a distributed computing project used to create one of the largest supercomputers in the world. The client has long been used used as both a metric to measure processors and machines efficiency and also to help the cause. The project is distributed much in the way Seti@Home was, however, with a more direct human goal.
Just in case you’re wondering, “what is protein folding and why does this matter to me?”; the Folding@Home project simulates complex mathematical formulas about how these proteins fold, unfold, and misfold with the goal to hopefully one day learn better how many well known diseases, such as Alzheimer’s, Mad Cow (BSE), CJD, ALS, Huntington’s, Parkinson’s disease, and many Cancers and cancer-related syndromes actually work and occur. Results? Darn right! The project has already come up with a number of notable scientific results, and is with our help and yours, continues to go somewhere tangible as you can see at Stanford’s whitepage papers
As for how this all came about; I was first introduced to the project when I was looking for something better to do with my Spare CPU cycles than let them idle. A lot of people are worried that clients like this will hog CPU, but the beauty of this software is it scales and re-nices it self so well, so you can be running it and it will use a defined amount of CPU at all times, but when any other process needs the CPU it will throttle itself. You can literally play high end games with the client running, as it will just scale back.
I really began to get involved in the project when I picked up a PS3. I wanted to put the powerful Cell processor through it’s paces so I immediately downloaded the client and started running work units. Now, as an administrator here I began thinking how helpful it could be if some of the machines we have that idle certain days of the week at HostGator were to fold in the background while the machine was not in use. NAS boxes were the perfect solution, and now we’re about to break the 1,000,000 point milestone.
So, do you want to help humanity and have a chance at free hosting? Well help us out and we’ll help you! Here’s what to do :
- Go to http://folding.stanford.edu/ and download the appropriate client for your operating system, and if you have a dual or quad core make sure you get the High Performance SMP client. (If you have a PS3 you can install it directly from the PS3 crossbar interface)
- Install folding@home and use team number 122600 , you can enter anything for your Donor name but we would prefer you use either your forum name so we can better contact you for your prize(or your wordpress login name)
- Start folding and leave it running. Don’t be surprised if it takes a while for you to start getting work units (these things are huge), the more machines you have it running on and the faster the machines, the quicker you will break milestones.
Prize Details
Prizes will be calculated by contributions to the team based on performance. Dead line to see who can get the most milestones will be on 07/01/2008. At that time winner will need to claim prize by emailing sales@hostgator.com with their donor name.
1. GRAND PRIZE (1 winner)
The top contributor who contributes the most points to the team will get a free year of hosting on our Aluminum reseller plan or equivalent in credit to existing HostGator plan if already a customer.
2. FIRST PRIZE (1 winner)
Runner up will receive a free year of hosting on our Swamp hosting plan (or equivalent).
3. SECOND PRIZES (8 winners)
Following 8 runners up will receive 6 months of free hosting on the Baby hosting plan (or equivalent)
I’d like to extend a special thanks to every team member both from our employee pool and some of our very active forum members and customers currently active (over 345 active CPU’s) and especially to both our owner Brent Oxley and our CTO David Collins for allowing me to run this on each and every one of our network backup servers to create a huge grid.
Statistics links :
Tags: alzheimers, cancer, distributed computing, folding@home, free hosting
Posted in Gator Goodness, World Gator | 4 Comments »
Windows Dedicated Web Hosting
Written by Justin on January 18, 2008 – 5:28 pm -
Do you need a server fast? Your Windows server will be provisioned, secured and delivered within 24 hours of purchase, and we will provide you with monthly server management at no additional cost.
So I have given you the scoop, and now I am offering the first 5 people that purchase a Windows dedicated server from reading this blog a $100 dollar discount on your first month purchase. In order to receive this dicount you must email me at jgarcia(at)hostgator.com.
This is a first come first serve deal and this discount may NOT be combined with other offers, so if you want to get your first month at a reduced price you better act quick before its over. I will give anyone who emails me for this deal a 24 hour window to complete the purchase, then I will offer it to the next person in line.
Posted in Promotions | 9 Comments »
HostGator Toronto receives Raptors Tickets
Written by Jay Weissman on December 7, 2007 – 6:18 pm -Very rarely is a peep heard from our Toronto Office, the dedicated team of Administrators in Toronto usually keep their nose to the grind-stone and help keep our servers running in tip-top shape. They may keep to themselves, however their efforts certainly do not go un-noticed. Much to this point, they recently received an amazing gift from a very satisfied client.
Late, on a recent Saturday evening, the Toronto Technical Staff were shutting down their computers and preparing to call it a night when they received an urgent message from one of the Chat Techs at the Houston office. It seems that one of our client’s dedicated servers had taken a turn for the worse and crashed due to a mysterious software misconfiguration. The Chat Tech looked high and low for an available administrator to help our frantic client, but no admins were free to assist with the immediate issue. The Toronto Technical Staff gladly dropped what they were doing, canceled their plans for the evening and continued to burn the proverbial “Midnight Oil” until they had resolved the issue and restored the server to its original state.
“Every minute my site is off line… “, the client told us, “I lose, potentially, hundreds of prospective customers, and that just won’t do!”
The Toronto Team understands the needs of high availability websites and were glad to do everything they can to get this customers site back online in a timely fashion.
As a reward for their efforts, the client purchased tickets to a Toronto Raptors game on January 9, 2008 for the entire staff.
When asked what they thought of the tickets, the Toronto Staff said they were very grateful for the gift, but they had done nothing heroic and, in fact, what they had done was “all in a day’s work”.
Below is a snapshot of our staff in Toronto, and we’ll be sure to follow up with pictures of the game!
Pictured from left to right: Adrian P, Dave C, James N, Michael Y
Posted in Uncategorized | 1 Comment »
