Help Stop Domain Hacking

Seattle Mike · 09-10-2008, 04:17 PM

Just a little warning to everyone. I was looking at my stats and saw a wacky domain name as a referring domain. Went and looked at it and it was a list of thousands of usernames for hosting accounts.

Remember when you set up your domain and just used the default first 6 letters of the domain? This makes it incredibly easy for anyone with a Password cracker to just set it to keep trying combinations until they get in.

It might take them a long time or they might get lucky.

Bottom line when you set up a new domain at your host and are adding your username and password. Change the username to something hard to guess.

Just a reminder;

I did the same thing for years using the default. But after seeing all my usernames listed, that gets me thinking.

Any comments?

Preben Frenning · 09-11-2008, 03:46 AM

My domain got hacked once.
It was my fist website, and I hadn't even started promoting it.
He "stole" my account, so I couldn't log in. Luckily, I was lgged in on another computer, and managed to take it back immediately.

The hackers had only changed my index file to "Haxxed. Sorry..." or something.
Anyways, I found it strange to hack a domain without any traffic OR content!
So it must be some software doing it to many domains I guess...

timer · 09-11-2008, 04:24 AM

I thought changing the default password of anything was the first thing savvy users do. I never leave default passwords for anything and haven't for years.

When I bought my first house it came with a burgular alarm fitted and my first 2 jobs were changing all the locks and the alarm code. Better safe than sorry I thought. Everything online is far more vulnerable than my house. Like most things in life it comes down to common sense and being prepared to make the extra effort.

Preben Frenning · 09-11-2008, 05:42 AM

Well, I changed the password to a HARDCORE one. Impossible to guess.
Different caps and numbers, but it still got hacked.

Eric Lorence · 09-11-2008, 06:30 AM

Quote:

Just a little warning to everyone. I was looking at my stats and saw a wacky domain name as a referring domain. Went and looked at it and it was a list of thousands of usernames for hosting accounts.

What you're talking about is referrer spam and pretty difficult to stop, you could tweak your .htaccess, but soon you will find dozens- if not hundreds of these Free web host accounts linking up to yours.

Referrer spam has nothing to do with your own domain being hacked.

These are generated by bots with the goal of getting on the front page of blogs and sites that show their referrers on the front page.

Good luck!

09-10-2008, 04:17 PM	#1
Seattle Mike HyperActive Warrior War Room Member Join Date: Dec 2005 Location: Seattle, WA Posts: 243 Blog Entries: 3 Thanks: 104 Thanked 41 Times in 38 Posts	Help Stop Domain Hacking Just a little warning to everyone. I was looking at my stats and saw a wacky domain name as a referring domain. Went and looked at it and it was a list of thousands of usernames for hosting accounts. Remember when you set up your domain and just used the default first 6 letters of the domain? This makes it incredibly easy for anyone with a Password cracker to just set it to keep trying combinations until they get in. It might take them a long time or they might get lucky. Bottom line when you set up a new domain at your host and are adding your username and password. Change the username to something hard to guess. Just a reminder; I did the same thing for years using the default. But after seeing all my usernames listed, that gets me thinking. Any comments?
	~Michael Johnson It Is Really Easy To Put Off Til Tomorrow What You Could Get Done In An Hour... Do Something Today. Grab 7 FREE Internet Marketing Guides Internet Marketing Tips

09-11-2008, 03:46 AM	#2
Preben Frenning Creative Kid War Room Member Join Date: Aug 2008 Location: Oslo, Norway Posts: 653 Blog Entries: 1 Thanks: 125 Thanked 63 Times in 51 Posts Social Networking	Re: Help Stop Domain Hacking My domain got hacked once. It was my fist website, and I hadn't even started promoting it. He "stole" my account, so I couldn't log in. Luckily, I was lgged in on another computer, and managed to take it back immediately. The hackers had only changed my index file to "Haxxed. Sorry..." or something. Anyways, I found it strange to hack a domain without any traffic OR content! So it must be some software doing it to many domains I guess...
	My IM blog - Teaching you about Offline Riches, SEO and much more! X*Download This FREE Keyword Research Tool - No Opt-In Required!***X Yeah, I'm a DJ Too - Progressive House/Trance Twitter? - http://twitter.com/Preben_Frenning

09-11-2008, 04:24 AM	#3
timer Active Warrior Join Date: Feb 2008 Location: Great Britain in the sunny south west Posts: 82 Thanks: 4 Thanked 1 Time in 1 Post	Re: Help Stop Domain Hacking I thought changing the default password of anything was the first thing savvy users do. I never leave default passwords for anything and haven't for years. When I bought my first house it came with a burgular alarm fitted and my first 2 jobs were changing all the locks and the alarm code. Better safe than sorry I thought. Everything online is far more vulnerable than my house. Like most things in life it comes down to common sense and being prepared to make the extra effort.

09-11-2008, 05:42 AM	#4
Preben Frenning Creative Kid War Room Member Join Date: Aug 2008 Location: Oslo, Norway Posts: 653 Blog Entries: 1 Thanks: 125 Thanked 63 Times in 51 Posts Social Networking	Re: Help Stop Domain Hacking Well, I changed the password to a HARDCORE one. Impossible to guess. Different caps and numbers, but it still got hacked.
	My IM blog - Teaching you about Offline Riches, SEO and much more! X*Download This FREE Keyword Research Tool - No Opt-In Required!***X Yeah, I'm a DJ Too - Progressive House/Trance Twitter? - http://twitter.com/Preben_Frenning