We deploy multiple levels of security here at Vertito to protect your accounts data. It's important to remember though, that a secured server will not fully protect you from an account becoming compromised, if the scripts running are vulnerable, or your PC itself is compromised.
A few common reasons an account could become compromised include:
- Weak FTP password that can be guessed by a hacker (choose a strong password and we recommend connecting using SFTP)
- Loose permissions on folders that can allow hackers to upload malicious content (check and make sure that file permissions are set to 644 and folder permissions are 755).
- Outdated software (plugins, addons, themes, etc) that has security vulnerabilities that are not patched (make sure that all scripts on the account are up to date and have the most recent security patches). If you are no longer using a script, we recommend uninstalling it as soon as possible.
- Infected computer uploading data to the site that is becoming infected itself. (It is best to scan your computer for Malware using Malwarebytes, Spybot, and NOD32 to remove any malicious pieces of software that may be the culprit) Test your pc here (use full scan/clean options): http://www.eset.com/online-scanner
Malware monitoring and cleanup:
We have a partnership with a company called Securi, which provides malware monitoring and exploit cleanup services on top of our upstream data center security in placed.
IMPORTANT: Once your account has been compromised, it is very likely that the intruder will leave a backdoor to easily gain access later. That’s why only fixing your vulnerable code might not be enough. Finding the backdoors will be time-consuming and expensive (requiring a professional developer). That’s why you might prefer to start your site from scratch.
Unfortunately the help we can provide in these situations are limited as there are just to many variables that we do not control. You can submit a ticket to our support system to perform a Linux Malware Detect scan on your hosting account and have us quarantine some of the exploited files, but you will still need to identify how the account was compromised in the first place. You can also restore a backup of your account from within your control panel under R1Soft.
Saturday, May 18, 2013