
A quite unglamorous but realistic representation of what someone’s screen looks like when they’re analyzing hacker activity.

Q1: Is my site secure?

A1: There is no such thing as a website (or any internet-connected software system) secure from hackers. If this were true, there would not be nearly daily news reports of millions of credit cards stolen from major companies, medical records, and acting accordingly is key to a solid security strategy.

Q2: What is the nature of most hacks you’ve seen?

A2: Most are automated and then exploiting those vulnerabilities to post the advertisements or whatever modifications they intend to make.

Q3: What should I really care about?

A3: Because of A1, the primary thing you should care about is what data will be exposed if you are hacked, and the status of your backups. Secondarily, you should care about whether your software is up to date (covered further down).

Q4: What are you already doing to make it more secure?

A4: First by taking a realistic approach to security. We realize that everything is vulnerable so we try to monitor everything as best we can, without forgetting that we cannot see everything. We run online and being prepared if it fails.

Q5: How can we make it more secure?

A5: We stress A1 because the primary factor is lack of realistic expectations. Beyond that, in our experience the primary factors in a typical website hack are low-quality passwords, outdated WordPress installations, outdated themes, unused themes, extraneous plugins, outdated plugins, lack of a security plugin, and lack of monitoring.

The primary defenses, aside from addressing those issues directly one by one, are 1. Backups and really, nationwide) failure to accept that second tenet.

A common problem we see is that clients building websites make feature requests without factoring in the security vulnerabilities that fulfilling those requests will introduce, since the additional plugins they require widen the site’s attack surface. The goal should be to minimize this by reducing the site’s requirements to the fewest possible, and so running the least software that meets those requirements. That reduces the attack surface as well as the maintenance work required to keep everything updated.

Remember that keeping your WordPress, all plugins, and themes up to date is important, but it will not make the site impenetrable, because of A1.
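The factors listed in A5 (unused themes, extraneous plugins, outdated plugins) can be checked against an inventory export. The following is an added example, not part of the original FAQ: it assumes the JSON shape printed by WP-CLI's `wp plugin list --format=json` and `wp theme list --format=json`, and every component name in it is constructed.

```python
import json

# Constructed sample inventories, in the shape printed by
# `wp plugin list --format=json` and `wp theme list --format=json`.
PLUGINS = json.loads("""[
 {"name": "contact-form", "status": "active",   "update": "none",      "version": "5.1"},
 {"name": "old-slider",   "status": "inactive", "update": "available", "version": "1.2"},
 {"name": "seo-helper",   "status": "active",   "update": "available", "version": "3.0"},
 {"name": "cache-loader", "status": "must-use", "update": "none",      "version": "1.0"}
]""")
THEMES = json.loads("""[
 {"name": "site-child",  "status": "active",   "update": "none",      "version": "1.0"},
 {"name": "site-parent", "status": "parent",   "update": "available", "version": "2.4"},
 {"name": "default-old", "status": "inactive", "update": "none",      "version": "1.9"}
]""")


def audit(kind, items):
    """Return (kind, name, action) for every component that needs attention."""
    findings = []
    for item in items:
        if item["status"] == "inactive":
            # Inactive code still sits on the server: remove it rather than update it.
            findings.append((kind, item["name"], "remove"))
        elif item["update"] == "available":
            # In use (active, must-use, or a child theme's parent): update it.
            findings.append((kind, item["name"], "update"))
    return findings


def report(plugins, themes):
    """Return the findings plus the component count before and after removals."""
    findings = audit("plugin", plugins) + audit("theme", themes)
    installed = len(plugins) + len(themes)
    removable = sum(1 for f in findings if f[2] == "remove")
    return findings, installed, installed - removable


if __name__ == "__main__":
    findings, before, after = report(PLUGINS, THEMES)
    for kind, name, action in findings:
        print(f"{action:6} {kind:6} {name}")
    print(f"installed components: {before} -> {after} after removals")
```

The `parent` theme is treated as in use because the active child theme depends on it, so it is flagged for an update, not for removal.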

Q6: What is covered in my hosting plan?

A6: Installation and is billed at the usual rate.

Q7: Do you do hack cleanups?

A7: Yes, even on other hosting environments, and see if the hackers go away on their own with no changes. This in fact does happen, but it’s not advisable to simply leave the door they used to get in open for them to return.

Q8: If my site gets hacked, what do we do?

A8: Call us first, of course. What we normally do is make a snapshot to preserve and ban every IP involved at the firewall level.

Q9: Why so rarely on your own servers? Are you better than others?

A9: Not saying that. We do not know whether we have simply been lucky, whether the security defenses we have in place work well, or whether there simply aren’t enough sites or the sites aren’t important enough to garner real attention. There is no way to know the answer to that question.

Q10: I have reason to believe we will be particularly targeted due to activity on other sites we own. What should we do?

A10: Aside from updating everything, reducing your attack surface area, andled by the security plugin or other intrusion detection systems.

Q11: What about PCI compliance?

A11: For a period of time our servers were PCI-compliant and therefore we are confident with this decision. Read more here if you’re curious about that subject.