34SP.com Blog

Website Hosting Security

Website Hosting Security

Hello, I’m Joe and one of the helpdesk team that are available by phone, chat or email from 8 am til 8 pm Monday to Friday here at UK web hosting company 34SP.com. I’m here to blog about keeping your site safe and secure from potential threats. Security is key on the Internet, as no one wants their personal details to be distributed around the world for all to see. Websites can and do get hacked every day, but as long as you stay vigilent to the possible open doors that hackers can use, then you stand a better chance of keeping your website safe and sound. Don’t just think that it’s amateurs that get hacked either. The venerable New York Times had its display advertising system and website hacked just this past weekend.

FTP Access
If you are running a Personal Hosting or Professional Hosting Account, you would upload and update your site via FTP (File Transfer Protocol). As a security standard, we have an FTP Access Lock on these accounts, which is set to ‘Disabled’. This means that if you tried to use your FTP connection, it would be refused. This is the safest mode to operate in for the 90% of the time that you are not making updates to your website, as it means any unwanted connections will be refused. If you need further ionformation on updating your Access Level, please review the following link: http://www.34sp.com/hosting-library/ftp-security-measures.

Knowing When You Have Been Hacked
The next situation occurs if you notice something different, new or unwanted on your main website. This is usually an advert or a separate link to an illicit site. If you do notice something, please let the helpdesk know about this as soon as you can by emailing us here.

The most commonly hacked pages are index.html or index.php, as they are your front page to the website, and that gives their redirect or advert maximum exposure. Another target is your htaccess file. The htaccess file is commonly used for effecting or controlling the behaviour of files in the same directory. Again, if you notice anything that seems different, please let the team know, or alternatively upload a previous clean copy of your website to be sure that you are ok from here. This is another great reason to frequently back up your website data.

Help, My Website Has Been Attacked
It can happen to any of us at some point, you leave your site unattended and when you check it again, Google has placed a ”suspicious site” warning over your front page. First point of call would be the 34SP.com helpdesk. We can then run our virus scanner over the website and files contained on your hosting. We regularly revise the database to include new hack attempts such as iframes and all forms of ‘debase code’ that are pasted into the headers of html pages. This is a very effective way of determining the exact cause of the problem.

Letting Google Know Your Site Is Clear
Once we have identified the lines of code, we will then let you know how to remove them. Google will need to be made aware that the site has been cleared of the virus/hack. Google will need to have a request for this to be emailed to them. More information can be found here: http://www.google.com/support/webmasters/bin/answer.py?answer=35843.

Once Google has reconsidered your website, they will remove the warning and your site will then appear as per normal.

For more information on how to keep your site safe and secure, or to find out if there are any reported issues on our servers, make sure to check our support pages on: http://support.34sp.com/Main/Default.aspx and the status page on: http://status.34sp.com.