Timely reminder on keeping your sites updated
Thursday, December 8, 2011
We have had a report from one of our partners, Simon Barnaby from Big Yellow Zone, that he came across a hacked site yesterdy.
The reason is that even though the site had been patched a search was not made for hacker files that were uploaded before the patch was applied.
Security, especially as we are all in ecommerce, is paramount and you need to ensure that all patches are applied as soon as they are released.
You should also check to ensure no strange files have been placed on your server or existing files changed.
There is a new attack sweeping the internet currently which seems to be hitting any site running SQL and it is extremely brutal in that it wipes your data making it impossible to cleanse after a hack.
Once hacked you need to restore from a back up, if you have one.
Big Yellow Zone also have a security scanner that you can run on your site to check everything is ok:
Good luck!
Thank you
Cam Flanigan
The reason is that even though the site had been patched a search was not made for hacker files that were uploaded before the patch was applied.
Security, especially as we are all in ecommerce, is paramount and you need to ensure that all patches are applied as soon as they are released.
You should also check to ensure no strange files have been placed on your server or existing files changed.
There is a new attack sweeping the internet currently which seems to be hitting any site running SQL and it is extremely brutal in that it wipes your data making it impossible to cleanse after a hack.
Once hacked you need to restore from a back up, if you have one.
Big Yellow Zone also have a security scanner that you can run on your site to check everything is ok:
http://www.bigyellowkey.com/sql-injection-scanner-from-bigyellowzone-sqi127.asp
Please ensure all patches are applied, you have renamed your admin folder and finally your usernames and passwords are using strong enough characters to avoid a hacker from having easy access.Good luck!
Thank you
Cam Flanigan
Comments
Leave a comment
*Please enter the code shown into the box below
TrustGuard - PCI Security Scanner
