Everyday in the news you hear or read about websites being hacked. From small companies and personal sites to banks, large corporations and even the government sites. This is a trend that will only continue to increase.
There are many threats present today. The most common include:
- Denial of Service (DOS or DDOS) attacks
This is where an attack is launched on a website so severe that either slows down visitor access to a site or completely stops it.
- Brute Force Attacks
This is an attack where a script constantly sends random user names and passwords to try to login to a website account. As the name implies, it can be brutal.
- Cross Site Scripting (XSS) Attacks
XSS enables attackers to inject client-side script into web pages viewed by other users
- SQL Injection
SQL injection is a code injection technique, used to attack data-driven applications
All of these threats are malicious in nature. One of the worst parts is that if your site becomes infected by code injection or cross site scripting, you can infect computers of visitors coming to your site. Not a very good thing for your business reputation.
We all have (or should have) some kind of antivirus installed on our computers. We have, for years, used antivirus software to protect them from viruses attached to emails. Now we have to protect them from simply viewing an infected website.
Cape Fear Technologies announced to all of our customers that host their websites on our cloud that they must implement a website monitoring service named Wordfence. The Wordfence service constantly monitors websites for the presence of malicious code and if present it will alert us. This is of up most importance. This is to protect you, your visitors and other websites on our cloud from cross contamination.
Google and others search engines are now randomly scanning websites. If Google detects that a site to contains a threat, it will be blacklisted and this is what a visitor will see when they try to view a blacklisted site:
If your site is experiencing repeat infestations, it is probably being caused by compromised or outdated website scripts (plugins and themes in the case of WordPress). Cape Fear Technologies does monitor our customer websites to ensure that all software is up to date.
In addition we also implement a Website Firewall. All visitors (authentic and malicious) that visit a website behind a firewall must first pass though the firewall which authenticates the visitor and then they are presented with the site content. You may think that this would slow down access to your website but it does not. In fact, it increases the site performance though performance optimization caching algorithm.
The firewall is initially automatically configured to immediately block access to know world regions with high occurrences of hacker attacks such as China, Russian Federation and Turkey without going through the authentication process. In some cases we have added other regions as we can see where in the world attacks are coming from on our firewall monitoring control panels.