You are using an outdated browser. For a faster, safer browsing experience, upgrade for free today.
AWS Certified Cloud Practitioner AWS Certified Solutions Architect
Menu
Blog

Websites In The Firing Line

01 Jun 2020
Attacks on websites have suddenly increased. Alerts like the following started arriving in my inbox about 2 days ago for many of the WordPress sites I manage:

These are "hacktivists" looking for vulnerable websites to upload political front pages to. This is a common occurrence when big events happen, as in the US right now. Major events in the middle-east or places like Hong Kong also trigger a spike in attacks but this one is the largest increase I have seen. The usual aim of hacktivists is to deface as many websites as possible with messages of support for one side or other in a conflict. This is what I believe we are seeing now. Of course, you have no control over what some unknown person on the internet wants to use your brand to say, and some hackers will not stop at that, so you should protect your website.

If you have a WordPress website then I recommend you do the following things asap:
  • Lock your site down and get some monitoring software onto it. WordFence is pretty good because it compares WP core, theme and plugin files to their reference versions and lets you know if anything has been added or changed by a hacker.
  • Get your DNS on Cloudflare so you can cache burst traffic and protect from a DDoS attack.
  • Add a rule to your Cloudflare Web Application Firewall to capcha the login page of your site.
  • You should also look into external monitoring services to alert you when your website is down, appears on any blacklists, and to do a nightly security check.
If your website is hosted with GMAC Internet Solutions then DON'T PANIC because my recommendations above have already been done. Your website is being protected by an extremely capable and reliable combination of technology, platform and tools. And if something does go wrong, everything is backed up and can usually be repaired within minutes.

I am also receiving virtually non-stop attempted login alerts like these:

Hacktivists are trying to get in to any accounts they can by trying to guess passwords. An email like above is triggered by 20 incorrect logins in a row. The pattern I see is 20 logins attempted, wait 4 hours, then try another 20, repeat. To protect yourself from these attacks I recommend:
  • Change your admin passwords asap.
  • Check all your passwords using https://haveibeenpwned.com/Passwords to see if hackers and have them in their databases. Those databases of known passwords are used in automated scripts for brute-force login attacks. An attacker loads a database of likely login names and a list of known passwords and leaves the script to run until one works.
  • Enable two-factor authentication on every account where it is available so that even if a hacker has your password they will need a second code provided by your mobile phone to log in as you. Twitter, Facebook, LinkedIn, Google and almost every other major tech platform has 2FA now so do it.

You might ask "Why would my website, email, hosting provider or domain be targeted?" There is usually no reason. If your site is on Google then it is in a database of sites. Hacktivists usually have some targets that they feel are related to an issue and they put in extra work to get into them. Everybody else is just caught up because they exist. Most attacks on websites or user accounts are scripts running on botnets that run automatically with no user intervention until an exploit is found. It is rarely personal.

If you have any questions about the above then contact me. I am always here to help you.

Gerard McDermott
GMAC Internet Solutions



Gerard completed an Honours Year on top of his Bachelor of Science degree at Deakin University studying Distributed Operating System Security.

Return to Blogs index



AWS Cloud Certified

AWS Cloud Certified

I am now an Amazon Web Services (AWS) Certified Cloud Practitioner AND an AWS Certified Solutions Architect. This certification demonstrates that I that know all the AWS core services, know how to set up security and encryption in AWS services, understand networking of AWS instances, and can optimise cloud pricing for myself or others.
SEO And Google AdWords Are Now Part Of The Team

SEO And Google AdWords Are Now Part Of The Team

To kick off 2020 with a bang, I am proud to announce that I have now added SEO and Google AdWords services to my team. That means top quality Google advertising, lead generation, search engine optimisation, remarketing, social media advertising are now available to add to your website.
This Is The Best WordPress and Website Hosting

This Is The Best WordPress and Website Hosting

I set up an amazing hosting platform to run my business on. Everything I do uses Amazon Web Services. Here I will describe how my AWS website hosting works. This is not the full picture, though - there are a lot of other tools that I use to deliver websites that are FAST, reliable and a pleasure to use. This will give you an idea why my sites are so quick and why yours should be too. The entire approach is to make every operation run in parallel on infrastructure that is most suited to each kind of task required to build a web page. Read about how I do it.
Sharing The Load

Sharing The Load

When making any modern website or software application we use a team of people to make sure the job is done properly. When running a modern website or software application we use a team of computers so that their job is done properly as well.
Living On The Edge

Living On The Edge

When I meet a web professional who does not use CloudFlare it's like meeting a time traveler from the past. Cloudflare has servers all over the world that intercept the traffic to your website to make sure if it is safe. Imagine if all those CloudFlare servers could be used for other tasks. Now they can.
4 Big Reasons Why Your Website Needs Cloudflare

4 Big Reasons Why Your Website Needs Cloudflare

Most people only know Cloudflare as DNS management, but it also provides a suite of essential tools for a modern website. An SSL certificate, content delivery network, on-the-fly page optimisation and page rules, and protection from the rest of the internet.