In our last post, we discussed 5 different ways your website can be made vulnerable to security attacks. In this post we’ll discuss the negative effects of a security breach, and give some tips on how to protect your site going forward.
1. What can happen if a website is not secured:
If your site gets hacked or compromised, it can act as an agent on behalf of the attacker to spread malware and spew spam. Here are some of the different consequences you face by not protecting your website:
a. Your site gets infected with web-malware, in turn infecting all visitors to the website. This leads to getting blacklisted by search engines and security watchdogs in the Internet. Once a site is blacklisted, all modern browsers like Internet Explorer, Safari, Firefox will block access to your website. On average it takes about 7 days for a website to get itself cleaned and off the blacklists.
b. Your site gets infected with spam-shells. Spam shells use the hosting account as a staging ground for sending out spam to users in the Internet. This can cause your website to get blacklisted and emails from your domain may be blocked or dropped completely.
c. Customer confidence can drop greatly if a website is blacklisted. What’s more, it takes hours worth of effort to find the web-malware causing issues on a site. This leads to loss in sales as well as expending money and time on fixing an easily avoidable problem.
d. Customer data such as credit card information, customer addresses and other personal information can be stolen and distributed on underground networks.
2. What can I do to protect my website:
There are two primary product categories that can help you secure your website:
Website Vulnerability Assessment: On a PC, Microsoft will act as the vulnerability assessment tool and tell you where you’re vulnerable and what you can do about it. Unfortunately, such a service is not available on web sites. But there are tools available that will scan your website and tell you if you’re vulnerable and what you can do about it. If you understand security issues on a website well and have the time and money to keep your site up to date, this is an excellent tool to reduce the risk of being infected by hackers.
Website Malware Scans: As with PCs, most website owners and administrators realize they can’t keep up with all vulnerabilities and that sooner or later they will get infected. As a minimum, they therefore subscribe to a service that scans their website daily and alerts them when a hacker has injected malicious code. They can take immediate action before their users get infected or they get blacklisted. Because the attacks can be more complicated on web sites, signature based virus engines are not enough. An effective scan engine will check for both known viruses and unknown web malware.
Several vendors offer solutions like this. A Small Orange has teamed up with StopTheHacker, and is offering their services through our dashboard. Our top priority is the security of your website and you’re of course free to use any service out there.
For detailed information about the security products offered by ASO, please click here.
Get more helpful tips on how to keep your site free from hackers at the StopTheHacker blog, located here.
This article has described some methods that can dramatically reduce the chances of getting hacked and blacklisted. Please feel free to provide feedback about your experiences and comments at firstname.lastname@example.org.
Also, all services at StopTheHacker come with a risk-free, two (2) week trial, no credit card number is needed. Please visit www.stopthehacker.com/services/ for more details.