Tag Archives: security

Hacked! What To Do When Your Website Has Been Hacked


It happens. It happens to almost everyone at some point. Usually, the bigger the target and the higher the reward, the more likely you are to be hacked, and the same goes if you are hosting on a community site that serves large numbers of people. It also happens to sites with very little traffic but poor security, including old widgets that may still be running on the site.

Last week my friend Danny Brown had his Facebook page hijacked and there was a lot of buzz about that in the social sphere, but that’s not what I’m writing about today. In Danny’s case someone, obviously someone he knew, guessed his Facebook login and proceeded to have their way. What I am writing about today is the anonymous hacker who uses your platform to launch their attack. That attack may be a vicious attack or simply spam. Either way it’s bad for you and bad for all netizens.

When you think of hackers in this case, don’t think of some pimple-faced post-teen cowering in his parents’ basement surrounded by pizza boxes and Dr. Pepper cans. In this case think of sophisticated programmers who have written automated scripts to dig for vulnerabilities and seize on them automatically when found. There is no human involvement other than starting the application and letting it do its work. The target? Installations of big scripts like WordPress or Joomla with outdated plugins, themes and widgets that provide an easy hole to walk right in and take over.

What is a URL redirect hack?

The most common attack these days is the URL redirect, where the script finds the vulnerability and leverages it to rewrite something called the .htaccess file. This file contains directives that tell the web server how to handle requests from any visitor, human or bot, including where clicks are directed to and how quickly. It’s very simple to write a replacement .htaccess file if you have write access to the server, and that access can be gained through a plugin which opens the file for writing. This happened, and is still happening, with a particular version of the timthumb.php script, which is widely used in hundreds if not thousands of themes and plugins.
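Because a rewritten .htaccess is the tell-tale sign of this kind of hack, one practical check is to audit the file for redirect directives that point off-site or that only fire for visitors arriving from a search engine. The script below is an added example, not code from this blog or from any of the projects it mentions; the .htaccess content it scans is constructed for the demonstration, and the list of trusted hostnames is an assumption you would replace with your own domain.

```python
import re
from urllib.parse import urlparse

# Constructed sample .htaccess (not taken from the page): a stock WordPress
# block followed by the kind of redirect rules a rewritten file might carry.
SAMPLE_HTACCESS = r"""
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
RewriteCond %{HTTP_REFERER} (google|bing|yahoo) [NC]
RewriteRule ^(.*)$ http://redirect-target.invalid/$1 [R=301,L]
Redirect 301 /old-page http://redirect-target.invalid/landing
""".lstrip("\n")

# Assumption: the hostnames the site legitimately redirects to (its own).
TRUSTED_HOSTS = {"example.com", "www.example.com"}

# Search-engine names commonly used to make a redirect fire only for visitors
# arriving from a search result, so the site owner never sees it.
SEARCH_ENGINE_RE = re.compile(r"google|bing|yahoo|msn", re.IGNORECASE)


def external_host(token, trusted_hosts):
    """Return the hostname if token is an absolute http(s) URL to an untrusted host."""
    parsed = urlparse(token)
    if parsed.scheme in ("http", "https") and parsed.hostname:
        if parsed.hostname.lower() not in trusted_hosts:
            return parsed.hostname
    return None


def audit_htaccess(text, trusted_hosts):
    """Scan .htaccess text; return (line_no, reason, line) for suspicious directives."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        directive = parts[0].lower()

        # RewriteRule <pattern> <target> [flags]: flag targets on other hosts.
        if directive == "rewriterule" and len(parts) >= 3:
            if external_host(parts[2], trusted_hosts):
                findings.append((line_no, "external-redirect", line))

        # Redirect family: any absolute URL argument to an untrusted host.
        elif directive in ("redirect", "redirectmatch", "redirectpermanent", "redirecttemp"):
            if any(external_host(p, trusted_hosts) for p in parts[1:]):
                findings.append((line_no, "external-redirect", line))

        # RewriteCond on the referer or user agent that keys on search engines.
        elif directive == "rewritecond" and len(parts) >= 3:
            variable = parts[1].upper()
            if ("HTTP_REFERER" in variable or "HTTP_USER_AGENT" in variable) \
                    and SEARCH_ENGINE_RE.search(parts[2]):
                findings.append((line_no, "search-engine-conditional", line))
    return findings


if __name__ == "__main__":
    for line_no, reason, line in audit_htaccess(SAMPLE_HTACCESS, TRUSTED_HOSTS):
        print(f"line {line_no}: {reason}: {line}")
```

Run it against your own .htaccess by reading the file into a string and passing your real hostnames; a clean WordPress file produces no findings, while the three constructed rules above are each reported. Comparing the file against a known-good copy in version control is the stronger check, but this audit catches the common pattern even when no baseline exists.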

How do I know if I’ve been hacked?

Example of Google results on a hacked site.

How To Stop Applications From Posting To Twitter As You

Have you ever logged in to Twitter to see that you have been posting, mentioning people or maybe even sending direct messages to people, but you haven’t been near your account for hours? It happens. When it does, provided you haven’t given some rogue programmer or site master your login information, you can control access to your account. There are several legitimate applications that ask for permission to access your account for varying reasons. Seesmic, for example, needs to be able to log in as you, post as you and send direct messages as you. Paper.li needs to be able to read as you to work and wants to post as you so it can spam all of the people it copied when it posted.

You can turn off access to your Twitter account to any application using the Twitter API by following some very, VERY simple steps. Watch this short video on YouTube for a quick walk-through showing exactly how to do this.