Frequently Asked Question
How Was My Site Hacked?
Last Updated 6 years ago
How was my website hacked?You may be wondering "How was my website hacked?"
Here are the two main reasons why websites get hacked:
1 ) A script vulnerability was exploited. (most common)
If you installed a script and failed to keep it updated, you can be all but certain that is why you were hacked. It is imperative that you regularly update all the scripts you use. Script developers endlessly release new versions that patch discovered vulnerabilities. New vulnerabilities are introduced into the code as script developers code new features. Discovered vulnerabilities are patched; new features are coded, which introduce new vulnerabilities. It is a never ending cycle.
2 ) A password was compromised.
Our hosting servers feature Brute Force Protection. Brute force is a technique used by evildoers to defeat password protection mechanisms; this technique involves trying a large combination of passwords until the correct password is guessed. After a few unsuccessful login attempts, the person attempting to login is locked out from any further login attempts on our hosting servers. Therefore your password cannot be defeated by brute force.
If your password cannot be defeated by brute force, how could an evildoer defeat password protection on your account? Here are two reasons:
1) You are using a ridiculously weak password.
Use a secure password. A secure password is a random combination of lowercase letters, uppercase letters, numbers and special character symbols. A ridiculously weak password, for example, would be your username. Another example of a ridiculously weak password would be "admin". Ridiculously weak passwords can easily be guessed in a single login attempt. If you were using a ridiculously weak password, that is probably how the evildoer hacked your website. You can generate strong, secure passwords inside cPanel using the random password generator.
2) Your workstation is compromised.
If you do not keep your workstation clean and secure, an evildoer could have access to all the passwords you use on your workstation.
Install these free Windows security software packages:
A) MalwareBytes download it free at http://www.malwarebytes.org
B) Microsoft Security Essentials download it free at http://windows.microsoft.com/en-us/windows/security-essentials-download