Feb 24

Website Security, and Why It’s So Freaking Important.

Aside from providing web development services, we also have the unique opportunity to partner with a leading web hosting and datacenter management company, IDAGroup, better known in the consumer market as “Hosting Direct“. This unique partnership has not only benefited our clients, but it has provided us with a unique insight into various web development practices, helping us develop, improve and fine-tune our procedures by pointing out what they call, “the wrong way of doing things”. Over the past few years of our partnership we have had the opportunity to assist countless victims of hacking with recovering and securing their websites. Working with these unique situations has given us the opportunity to formulate an understanding of the motivation behind these attacks and develop a solid understanding of the importance of website security and regular maintenance.

The point of the story is, just because your website doesn’t store credit card info, save personal information about customers or doesn’t really get a lot of traffic, DOES NOT MEAN YOUR WEBSITE WON’T BE HACKED!

Contrary to popular belief, it’s been my experience that 85% – 90% of hacks are not specifically targeted at e-commerce sites in attempts to steal stored credit card information (although that is definitely something any e-commerce merchant needs to be very careful about), it’s very common that the websites being hacked aren’t typically what could be considered “high profile” websites, and a lot of hacked websites have been operating without any issue for years without issue.

The point of the story is, just because your website doesn’t store credit card info, save personal information about customers or doesn’t really get a lot of traffic, DOES NOT MEAN YOUR WEBSITE WON’T BE HACKED!

Hackers aren’t necessarily after the information that would be on your website

The problem is that in today’s world, our web development processes have been getting to the point where many sites are being built using “standardized” platforms. The most commonly targeted sites are typically also using one of many popular open source CMS, or content management systems (i.e.-WordPress, Joomla!, etc.). While the growth and adaptation of these platforms has helped reface the Internet by making an attractive and dynamic website within everyone’s reach, that same popularity has made it very simple to track, identify, and exploit unwitting site owners while they are essentially “asleep at the helm”. Simply Googling for the term “Hack WordPress“,” Joomla! Vulnerabilities“, “Drupal Injections“, etc. will provide the ill-intentioned how-to guides teaching them how to identify and inject your website with malicious code, with video tutorials to help make sure they don’t mess up and not hack your site.

6scan Web SecurityYou might be saying, “Well there’s absolutely nothing on my website, why would anyone bother trying to hack it?” To that question, I would reply, “Because you are exactly who they would be targeting”. Hackers aren’t necessarily after the information that would be on your website, many hacks are made simply to provide a veil of anonymity while opening phishing portals in an attempt to steal personal banking information, and other valuable information from unknowing account holders. Most successful websites are successful because of responsible web maintenance, regular updates, and continued polishing.

Author Description:

Bowie

facebook twitter in