Hacking of my website

Content

Websites are continuously targeted by hacking attempts.
Hackers seek to exploit security holes in your PHP applications mainly to send SPAM, but it can also be for phishing or simply "fame".

Phishing

As a subscriber, you are likely to receive a phishing email one day.

Magic Online can also be the target of a phishing campaign, aimed at its own customers.

Phishing is a technique used by fraudsters to retrieve confidential information, especially banking information. To do this, the fraudster creates a web page that is similar in every way to that of a trusted authority (bank, paypal, etc.). He then sends e-mails to Internet users inviting them to visit the web page under various pretexts.

The email is usually sent to random email addresses, for example contact@domain. Or because your email address is clearly displayed on your website.

The victim finds himself on the fraudster's page, but thinks he is on the company's page (his bank for example). The victim enters his identifiers or bank details in complete security and the fraudster enters them in the process.

Often, the fraudster even plans to redirect the victim to the real site, so that he or she does not suspect the fraud at all.

The fraudster therefore needs a space to host his fraudulent page. Most of the time, he will use an existing website in which he will find a security flaw allowing him to discreetly host his page without the webmaster knowing.

There are countless bots constantly scanning the internet for fallible sites. Fraudsters are extremely well organized to reach the maximum number of victims and host as many fraudulent pages as possible. It is imperative that you make sure that security of your website especially if you use scripts PHP known as CMS.

Consequences of Phishing

For you You are entirely responsible for the content hosted by your website. In the event of a complaint being filed or a legal investigation, you would be exposed. You would have to prove your good faith and demonstrate that these pages were hosted without your knowledge.

For your site The image of your website may take a serious hit: your site may be quickly blacklisted by search engines and referenced as a phishing gateway. Moreover, your site may slow down and have strange behaviors.

Action as a host We will be legally obliged to disable the hosting once we have been informed of phishing. This is why we systematically suspend the accounts responsible for phishing. This suspension is always accompanied by a ticket opened by our team and sent to the customer's e-mail address. We try to include as many details as possible about the phishing, usually theURL of the fraudulent page being hosted. It is imperative that you respond and take immediate action to remedy the situation.
Action as a customer Prevention is better than cure. But if the damage is done, all you have to do is what should have been done regularly: you care about the security of your website and especially the application of updates and security patches distributed by the script editors PHP that you use.

Preventive advice

Applying these recommendations will reduce the risk of hacking.

Make regular backups of your website (files and databases).
Do not host abandoned sites, or dubious files.
Change your FTP and database passwords regularly.
Use strong passwords: they must consist of 8 characters minimumIt mixes lowercase letters, uppercase letters, numbers, and special characters.

Curative advice

Here is what you can do if your site has been hacked:

Change your FTP password
Change the password of the database used by the site
Remove the hacked website from your hosting
Restore a backup healthy of the website
Update the code of your site and its components

In addition we advise you to :

Check, by hand, if files have been uploaded to your hosting without your knowledge and delete them
Perform an antivirus scan of your computer
Scan your site with a tool like aeSecure
Improve access control to hosted resources using files .htaccess

CMS

CMS, whether it is WordPress, Joomla, Drupal, MadeSimple, SPIP, Prestashop or OScommerce, must always be kept up to date. Indeed, the PHP code of your applications is the only vulnerability of your site.
Not doing the updates increases the risk of hacking . You should also be careful not to use insecure or outdated components (abandoned by its developers).

WordPress

Being very popular, WordPress is despite itself the most targeted by hackers. However, it is very easy to avoid this by following these simple rules:

Keep WordPress up to date with the latest version
Update all its plugins
Update all its themes
Delete unused themes and modules

Useful links

The official WordPress website, for the latest information on its updates: https://wordpress.org
The WPScan Vulnerability Database which maintains a list of known vulnerabilities for WordPress, its themes and plugins: https://wpvulndb.com/
A site that gives a method to clean a hosting, via SSH : https://buzut.fr/reparer-wordpress-hacke/

Useful Joomla links

Official website of Joomla : https://www.joomla.org/
Lists of vulnerable Joomla modules : http://vel.joomla.org/

Useful links Prestashop

Information about the Warehouse theme flaw and its modules: http://iqit-commerce.com/securityhotfix/

Case currents of security breaches

Security hole in your website : The scripts used have known security flaws
Unsecured password Password too short, or too easy to guess or crack
Fault in your PC A virus/malware allowed hackers to obtain your passwords

Website redesign

You can follow our assistance if you need ask for a review of your website.

Updated on 16 December 2022

Tagged: Website