Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

protect against abuse and hacked clients

orthohin
Grand Master

on ‎12-11-2012 06:46 PM

Our clients get hacked some times, this results of phishing websites being uploaded. Every time that happens we receive abuse mails from our DC that requests to delete those websites.
Of course we do, but the DC's system is problematic and some times we do not receive their abuse mails. This is very dangerous because if we do not respond they will shutdown our server.

Is there any software that can scan the server and delete/report any found phishing websites? I tried with maldet+many databases and nothing worked.

How do you deal with this?

Thanks

0 Kudos
1 REPLY 1

Sogo7
Grand Master

on ‎13-11-2012 02:19 PM

  1. Did you sanitise your form inputs against javascript or SQL injection when you built the websites?
  2. Are your clients using outdated versions of WordPress?
  3. When did you or your clients last use Antivirus?
  4. When did you or your clients last change thier WiFi password?*
  5. Did you or your clients EVER change the default password on the router**

 

*   You should NOT be using WEP encryption, set WPS status to 'Locked' & disable remote configuration.

**  It never ceases to amaze me how many people still use 'Admin' as both username & password.

 

Options one and two are the most common points of entry, both are the result of bad or sloppy code from the web design/ developers responsible for the site. You could add a watchdog script to the site that checks every page for code that does not belong and remove it but really the best thing to do is stop it getting inside to begin with!

Lovelogic.net UK Jobs Scanner
0 Kudos