Security

Prevention:

A sad fact is that all public websites are a target for hackers looking to place viruses or spam on the site. Although some attacks are targeted, most are just automated bots that search for known vulnerabilities in sites. A popular site may be a more tempting target, but even if your site has 1 visitor/month, if it is discoverable it is a target. It is very easy to determine what kind of host, libraries, scripts and programs are running on or behind most websites. It might be tempting to try to obscure that and presume that your site is then safe.

The best server-side method is to patch all security flaws throughout your whole stack as soon as they are found; this in itself will deal with at least 95% of attacks. Yes, that may sound like a lot of work, and it definitely is; but despite that, prevention is much easier, and in the long run saves time and money, compared to a wish and a prayer and then dealing with the problems if/when they reappear.

So you may be wondering what you can do to secure your site. The most important thing is to make sure all accounts with any form of administrative access to any subset of your website (FTP, control panels etc.) use secure and unique passwords. After that, you should make sure all security updates are applied to everything that you have access to. Depending on your hosting/backend setup there may be nothing you can update, or there could be a full stack of operating system, server, CMS and plugins. If you have minimal access to your server, you should make sure that your server administrator is keeping everything up to date; the best way is to ask them. Updating is especially important if you are using a popular CMS such as Drupal, Joomla or WordPress: security vulnerabilities are fixed fast, but once the update is released it is easy for hackers to reverse engineer the patch very fast and start attacking any unpatched systems.

Whatever your level of access to your server, you may not be comfortable running updates, and of course when running updates there is always a chance of bugs. If that is the case, what should you do? Hiring someone to do regular maintenance is the best solution. Whoever you choose should have experience with your server type and software stack.

BriarMoon Design has experience managing Linux (predominantly CentOS & Ubuntu), Windows and Macintosh based systems with various hosting stacks including Apache, Nginx, MariaDB, MySQL, Node.js, Python and PHP. I also am experienced with updating, upgrading and routine maintenance for CMS Systems including WordPress, Drupal and various forums. Contact us for a quote on updating or maintaining any system.

It is also important to keep regular backups of both code and database, if applicable; this will make recovering from most damage much, much easier! It is best to have both onsite and offsite backups. Again, we can provide assistance in both setting up good backup routines/schedules and securely storing the backups.

Of course, depending on your exact system, there are a multitude of settings that may improve security. Often the improvement in security may come at a loss in functionality, so depending on your requirements the ideal settings may vary quite a bit.

After an attack:

Of foremost importance is stopping any further damage, including and especially data leaks. Then you have to figure out the extent of the system compromise and, if any user data has been compromised, inform your users early and clearly; this will be much better for your image than hiding it. After that, the system should be analysed to determine how the attack penetrated the system's security so that you can prevent the same attack in the future.

If possible, restore from a backup and then redo any changes made between the backup and the time the hack was discovered. When restoring from a backup is possible, it will usually be a very simple job. If no backup is available, then the whole codebase and database have to be checked for malicious changes. Obviously that can be much more time-consuming and costly.

We have expertise in removal of viruses, backdoors and various other forms of malicious code injections as well as restoring your data. Quick and complete removal is vital to prevent further damage to your site, so if your site has been hacked don't delay, contact us for a fast, complete site restoration and security review.