15 {{ upvoteCount | shortNum }}
15 {{ upvoteCount | shortNum }}

What's thr to steal from an empty house.

by bluefirepro
13 replies
Hello Everyone,

My name is Alex and I am new to internet marketing arena. I thought of trying my hand at WordPress and thought of building my blog around an expired domain.

The problem is that I am facing frequent hack attacks from different locations like Korea, Ukrainian, etc. To tackle all these I have applied AIO WP Security Plugin and its working pretty well.





My question is why someone wants to hack and empty site.

Regards
BlueFirePro
#empty #house #steal #thr
  • Profile picture of the author JohnMcCabe
    1) The site may not stay empty. If you develop the site and achieve some level of traffic, they can add links to your footer or other area and do all kinds of nasty stuff. From infecting visitors with malware to cookie stuffing and clickjacking and phishing to...

    2) Once they have access to your server, they can sometimes use your email account(s) to send spam or malware.

    3) some crackers use automated tools, looking for footprints left by Wordpress itself and various plugins. Once they find those, the software starts drilling even if it's a dry hole.

    Since your domain is a target, I suggest you avail yourself of one of the many tutorials on hardening your WP install...
    {{ DiscussionBoard.errors[8524233].message }}
  • Profile picture of the author lunarninja
    You need Secure live...
    Signature

    Looking FOR A TRUSTED HOSTING Provider? 12+ Years over 150,000+ Happy Customers! 1(877) 586-2772 Ex. 2441 http://www.lpwebhosting.com/

    {{ DiscussionBoard.errors[8524236].message }}
  • Profile picture of the author NewRiseDigital
    This is pretty common. They don't care about the content of your site they likely want access to your server. Some of the more common reasons you get this sort of traffic is so that they can try to either hijack your site to install malware, or to try to hijack your mail server in order to funnel spam through you as a mail proxy. If you run your own server make sure it's secure (switch off mod_proxy if you're running apache server and ensure you have a good firewall, plus check your logs regularly), if you're using shared hosting from a hosting company then you should probably ask them if they can help further.
    Signature
    Interviews With The Top Digital Marketing Experts - Get The New Book "Essential Digital Marketing For Small Business http://newrisedigital.com/book
    {{ DiscussionBoard.errors[8524237].message }}
  • Profile picture of the author misterkailo
    Wow this makes me never want to make a website lol
    Signature
    Limited Spots Left... How to Generate 150+ Leads Daily And Earn $3000-6000 Per Sale Without Talking To Anyone
    {{ DiscussionBoard.errors[8524246].message }}
    • Profile picture of the author NewRiseDigital
      It goes with the territory, and security is one of the responsibilities of running a website. It's something that most people new to creating websites aren't aware of until they get hit. Learn as much as you can about security from the start, put in robust measures at the start, and monitor regularly and you'll avoid a lot of hassle in the long run.
      Signature
      Interviews With The Top Digital Marketing Experts - Get The New Book "Essential Digital Marketing For Small Business http://newrisedigital.com/book
      {{ DiscussionBoard.errors[8524299].message }}
      • Profile picture of the author bluefirepro
        Thanks for insight guys.... earlier I thought of using cloudflare CDN as it has many of the security and speed up features but some how I didn't liked it.

        For now I am using "AIO WP Security and Firewall Plugin" and happy with it.

        Thanks again
        BF
        {{ DiscussionBoard.errors[8525105].message }}
        • Profile picture of the author damoncloudflare
          Originally Posted by bluefirepro View Post

          Thanks for insight guys.... earlier I thought of using cloudflare CDN as it has many of the security and speed up features but some how I didn't liked it.

          For now I am using "AIO WP Security and Firewall Plugin" and happy with it.

          Thanks again
          BF
          What didn't you like? We would most certainly add an extra layer of security, but we would still recommend using other security precautions as well.
          Signature

          Damon
          CloudFlare Community Evangelist

          Tips for using WordPress with CloudFlare

          {{ DiscussionBoard.errors[8527194].message }}
          • Profile picture of the author bluefirepro
            Originally Posted by damoncloudflare View Post

            What didn't you like? We would most certainly add an extra layer of security, but we would still recommend using other security precautions as well.
            I am saying this because I tried another CDN and felt it works better in terms of speed... and as far as security is concerned I have already taken precautionary steps in that direction.

            Plugin: Jsdelivr cdn

            I haven't found any other problem with cloudflare as such ... and may be I'll try once again to see it's full potential.

            Regards
            BlueFire
            {{ DiscussionBoard.errors[8528961].message }}
            • Profile picture of the author damoncloudflare
              Originally Posted by bluefirepro View Post

              I am saying this because I tried another CDN and felt it works better in terms of speed... and as far as security is concerned I have already taken precautionary steps in that direction.

              Plugin: Jsdelivr cdn

              I haven't found any other problem with cloudflare as such ... and may be I'll try once again to see it's full potential.

              Regards
              BlueFire
              Thanks for the update and for expanding on your comments. Much appreciated.
              Signature

              Damon
              CloudFlare Community Evangelist

              Tips for using WordPress with CloudFlare

              {{ DiscussionBoard.errors[8545826].message }}
    • Profile picture of the author Fredbou
      Hey, don't be put off! Choose a host wisely, install all possible updates and it's fine!
      Signature

      {{ DiscussionBoard.errors[8528531].message }}
  • Profile picture of the author DubDubDubDot
    The attempts were automated since they happened at the exact same second. They could be trying a long list of WP sites with a predictable user/pass and hoping for some hits.

    For example...
    u:nameofsite p:cat
    u:nameofsite p:dog
    u:nameofsite p:bird

    They do that for enough sites and eventually they get in. Definitely don't use dictionary words as your password.
    {{ DiscussionBoard.errors[8525207].message }}
    • Profile picture of the author Fredbou
      Originally Posted by DubDubDubDot View Post

      The attempts were automated since they happened at the exact same second. They could be trying a long list of WP sites with a predictable user/pass and hoping for some hits.

      For example...
      u:nameofsite p:cat
      u:nameofsite p:dog
      u:nameofsite p:bird

      They do that for enough sites and eventually they get in. Definitely don't use dictionary words as your password.
      Go for a complex password: Complex password generator ~ CopySense

      Most passwords are easy to break.
      Signature

      {{ DiscussionBoard.errors[8528541].message }}
  • Profile picture of the author Fazal Mayar
    try to get a security plugin like login lockdown but make sure to backup in the future
    Signature

    Blogger at RicherOrNot.com (Make Money online blog but also promoting ethical internet marketing)

    {{ DiscussionBoard.errors[8527951].message }}

Trending Topics