8 {{ upvoteCount | shortNum }}
8 {{ upvoteCount | shortNum }}

A number of Philippine Sites were hacked!

by Go4DBest
7 replies
Greetings Warriors!

I am not sure if this kind of thread is applicable in this section but I just need to let you know that we must boost the security of our websites.

Hackers are just out there.

These are some of the sites:

HACK BY Chinese
HACK BY Chinese
HACK BY Chinese

There are still more...,

Please pray for the Philippines. I hope this problem will be solved in a peaceful way.

I know we have both Chinese and Filipino Warriors.

Thanks,
G.B.

P.S. Please Mods, consider this thread. I think Philippines is in a serious situation right now.
#hacked #number #philippine #sites
  • Profile picture of the author PatriciaJ
    About 15 of my WP sites were hacked a few weeks ago. It's getting more common and because of the time lost getting them sorted and continuously checking and updating, and the security alerts I'm seriously thinking about changing most of them them over to html.

    Don't think it wise to include the links to hacked sites
    {{ DiscussionBoard.errors[6229895].message }}
  • Profile picture of the author donmodo
    So wp sites also get hacked. I thought it was difficult to hack wp sites, considering the fact that many people use them and they have no security-loopholes.
    {{ DiscussionBoard.errors[6229913].message }}
    • Profile picture of the author Tom B
      Banned
      There is a territorial dispute between Philippines and China. So that may be the reason Filipino sites have been targeted.
      {{ DiscussionBoard.errors[6230165].message }}
      • Profile picture of the author donmodo
        Originally Posted by Thomas Belknap View Post

        There is a territorial dispute between Philippines and China. So that may be the reason Filipino sites have been targeted.
        I agree with you on this one.
        {{ DiscussionBoard.errors[6231364].message }}
  • Profile picture of the author OldLodgeSkins
    I know a lot of people just install a CMS (WHATEVER the CMS be it WP or another one, personally I'm a Joomla fan) and... That's it. They think they're done.

    WRONG!

    You should always:

    • Install some anti-injection component or plug-in. I get SQL / PHP injection attacks every day. These are the most common.
    • Protect your administrator folder with a .htaccess file. People trying to access anything within that folder should be required to identify themselves, even before reaching the admin login form.
    • Install some backup component. So you can easily backup your website and restore it. I can do that with mine within 10 or 15 minutes, actually what takes the most time is to transfer the files over.
    • Of course once you have installed the component you should do regular backups and download them to your local computer to keep them safe. Don't leave them on the server.
    • Keep an eye on your detailed stats, investigate any IP address that seems to have an abnormal behavior, ban those that belong to known spammers (I do that with my main .htaccess file, it's easy, Deny from xxx.xxx.xxx.xxx and you're done). A simple Google search on the IP will often bring you to the Project Honeypot where spammers IPs are listed.


    Seb.

    PS: Donmodo... You're dreaming, pal No security holes? Unless of course you were being sarcastic.
    Signature
    Do you use Facebook ? Then you can make money just by inviting people to a Facebook group ! It's called the Instant Income System. How cool is that?
    {{ DiscussionBoard.errors[6230221].message }}
    • Profile picture of the author mrelk159
      Originally Posted by OldLodgeSkins View Post

      I know a lot of people just install a CMS (WHATEVER the CMS be it WP or another one, personally I'm a Joomla fan) and... That's it. They think they're done.

      WRONG!

      You should always:

      • Install some anti-injection component or plug-in. I get SQL / PHP injection attacks every day. These are the most common.
      • Protect your administrator folder with a .htaccess file. People trying to access anything within that folder should be required to identify themselves, even before reaching the admin login form.
      • Install some backup component. So you can easily backup your website and restore it. I can do that with mine within 10 or 15 minutes, actually what takes the most time is to transfer the files over.
      • Of course once you have installed the component you should do regular backups and download them to your local computer to keep them safe. Don't leave them on the server.
      • Keep an eye on your detailed stats, investigate any IP address that seems to have an abnormal behavior, ban those that belong to known spammers (I do that with my main .htaccess file, it's easy, Deny from xxx.xxx.xxx.xxx and you're done). A simple Google search on the IP will often bring you to the Project Honeypot where spammers IPs are listed.


      Seb.

      PS: Donmodo... You're dreaming, pal No security holes? Unless of course you were being sarcastic.
      I agree, you can never be too safe and make sure always to back up your files no matter what you do.
      {{ DiscussionBoard.errors[6231836].message }}
  • Profile picture of the author azmanar
    Hi,

    When you say hack, did you mean the sites were defaced or hijacked?

    I have a WF Blog Post on basic WP Security.

    Take a look.
    Signature
    === >>> Tomorrow Should Be Better Than Today
    {{ DiscussionBoard.errors[6231626].message }}

Trending Topics