Hackers, how do they get in to your website and hosting account? In today’s wild web, it just seems like sometimes you can’t keep hackers out!
Here’s what happened recently to me. I set up a new hosting account at a quality hosting service (not GoDaddy). The same day I loaded the site files, the site was hacked. Files were loaded and links to malware installed in newly created pages that mirrored my own site pages but with a .shtml instead of .html.
The host told me that all was secure and although the site was in a shared hosting environment that their network was not where the hack came in.
The only thing that I can possibly think of that caused the problem for this non-WordPress site is I emailed the passwords to the client. What the client did with the logins, I do not know. I am not sure if he even tried to login, but doubt it.
The host said that possibly a hacker got into the site via a field in the contact form, but there is a Captcha and tests for validity of information and on top of that no database connection for the form. I am mystified!
What I do know is that sometimes you just do not know how hackers get in, could they tunnel in from the host? Could they intercept logins by email? Could they be trawling the web for new hosting set ups and attack them? Your guess is as good as mine.
One thing I do know is that there is a new hack for WordPress websites that targets new hosting accounts where WordPress installation has not been completed. There are bots that are scanning the web for these new sites and coming in via WordPress setup files and taking control of hosting. Could this type of attack possibly be what I experienced? It is possible.
What I do know if that prompt action to clean up, wipe the server, and change all passwords for hosting and FTP and also no longer emailing logins is our newest protocol.