Procedure for detecting a virus Print

  • 0

In the vast majority of cases, hacking and infection occurs through vulnerabilities in the site script code. To protect against hacking, you need to carry out a comprehensive check of scripts for the presence of potential vulnerabilities in them, which, with certain requests to the site, will make it possible to create files or perform some other unwanted actions. In addition, you need to constantly monitor the release of updates for the CMS and add-ons, make updates immediately, and constantly monitor suspicious requests to sites in the logs. The presence of such suspicious requests can signal hacking attempts and indicate a specific vulnerability. You should refrain from installing add-ons, themes and other scripts from various untrusted sources on your site, because their developers may intentionally add vulnerabilities to them. It would be a good idea to periodically review thematic websites and forums on the Internet dedicated to website security, because... They often publish materials about new methods of hacking one or another CMS and the corresponding methods of protection.

Another hacking method is the theft of access passwords for the site using viruses on the computers from which work with the site occurs, in particular, work via FTP. To protect yourself, you need to periodically change your password and make sure there are no viruses on your computers, and also not use passwords on public networks (Internet cafes, free WiFi, etc.). An approximate procedure for infecting sites on the site:

Change FTP password

Try ordering a backup copy or restoring the site from your own copy. Perhaps the infection occurred recently and the copy of the site is clean. You can order our backup copy in your personal account.

UPDATE YOUR CMS, update your antivirus, check your computer for viruses. Check all sites on the site for extraneous files and viruses using specialized external services and scripts. Companies providing similar services can be found on the Internet. You can also order such a check from us by filling out an application from your personal account.

If you saved a suspicious or modified site file that appeared on the site, then use the timestamp of its creation to analyze HTTP POST requests to sites that were executed at that time. In some cases, information obtained from logs can help find vulnerable site scripts and third-party malicious files. Logs of HTTP requests to sites (access_log) for the last 14 days are available in the root of the site in the _logs directory

Note that the FTP protocol is not encrypted and the data is transmitted in clear text, so spyware can intercept information. That is why, for security reasons, it is better to use secure access instead of FTP.

Note that the FTP protocol is not encrypted and the data is transmitted in clear text, so spyware can intercept information. That is why, for security reasons, it is better to use secure access instead of FTP. For Unix hosting SFTP For Windows hosting FTPS

On Unix hosting, we recommend limiting FTP access by allowing it only from certain IP addresses.


Was this answer helpful?

« Back