They Check Your Website Security Every Day to Hack Your Website

Although you probably don’t know it, there are probes scanning your website every day, checking its security for weaknesses that can be used to hack it.

These probes are generally looking to check if you have commonly used website platforms like Drupal, Joomla or WordPress, or probing your site looking for the location of your website’s MySQL database or webmail. Sometimes they are also looking for the location of a past hacker’s files that may already exist on your website server space.

And according to Google the number of people looking into hacking websites is huge. Here are just a few of the global searches on Google every month:

How to hack… 1,830,000

Webmail hack/hacking… 130,000

Hack this site… 110,000

Website hack/hacking… 82,000

Download hacking software… 74,000

How to hack a website… 27,100

PHP hack/hacking… 26,000

Joomla hack/hacking… 16,700

WordPress hack/hacking… 16,400

Hacking sites… 14,800

MySQL hack/hacking… 3,900

Drupal hack/hacking… 2,000

If you think the security of your website is your hosting provider’s responsibility then you should think again. Your web host’s concern is mainly for the security of their servers and the applications that they run on them, not the applications and scripts you run on them.

If you or your web designers install a content management system (CMS) or web platform like Drupal, Joomla or WordPress, or any other commercial or free script, the responsibility for your website’s security is yours. If your website gets hacked, the first response of your web host may be to shut down your website until you get the problem fixed.

On one site I have been logging the probe activity for the past 12 months and have accumulated almost 200 different IP addresses used by these probes in 49 different countries, since they rarely use the same IP address more than once.

Since they rarely use the same IP address, attempting to ban the IP address from accessing your site has only a limited impact. These probes also make frequent use of proxy servers to avoid detection and the probes have names like Toata, Morfeus, ZmEu, Nasty and Wantsfly.

A typical probe may make anything up to 50 attempts in one session to locate install files, trying different combinations of common locations or directory folder names. But there are some simple measures you can take to minimize the chances of one of these probes finding your script files and then hacking or hijacking your website.

  1. To minimize a probe’s ability to find the location of your web platform or other scripts, it is highly recommended you DO NOT use the default locations and directory names during the installation process.
  2. You should NOT leave install files on your web server. A hacker who finds them could run them again to change your configuration settings and so access and control your scripts.
  3. You or your website administrator should be careful about the file access permissions given to basic script files. Badly designed scripts and poorly set file permissions on your hosting server can lead to openings for hackers to access and exploit these files.
  4. Keep your own installed scripts up to date with any security patches.
  5. Avoid using free scripts not widely used, not well supported or not kept up to date.

* If you install a common web application in the default locations with the default folder names supplied with the script, the probe knows exactly where to find your install files, because hackers also have access to and read the install manuals for common web applications.

Is your website being checked for security?

One simple way to see if your website is being probed for security weaknesses is to check your website’s hosting stats for 404 “file not found” errors. If you find a lot of errors for files and file locations that don’t exist on your site, you will know your website is being probed for security weaknesses that could be exploited.
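One way to run this 404 check over a raw access log, as an added example that is not part of the original article. It assumes the Apache/nginx "combined" log format and that the probe names listed earlier show up in the User-Agent header; the function names, the threshold of three missing paths and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Probe names from the article; matching them in the User-Agent is an assumption.
PROBE_NAMES = ("toata", "morfeus", "zmeu", "nasty", "wantsfly")

# Apache/nginx "combined" access-log format (assumed; adapt to your host).
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"'
)

def find_probes(lines, min_missing=3):
    """Flag clients with >= min_missing distinct 404 paths or a probe name."""
    missing = defaultdict(set)  # ip -> distinct paths answered with 404
    named = {}                  # ip -> probe name seen in the User-Agent
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unknown format: skip instead of guessing
        ip, agent = m["ip"], m["agent"].lower()
        if m["status"] == "404":
            missing[ip].add(m["path"].split("?", 1)[0])  # ignore query string
        for name in PROBE_NAMES:
            if name in agent:
                named[ip] = name
    report = {}
    for ip in set(missing) | set(named):
        paths = sorted(missing.get(ip, ()))
        if len(paths) >= min_missing or ip in named:
            report[ip] = {"probe": named.get(ip), "missing_paths": paths}
    return report

def sample_line(ip, path, status, agent):
    return (f'{ip} - - [12/Mar/2012:04:11:02 +0000] "GET {path} HTTP/1.1" '
            f'{status} 312 "-" "{agent}"')

# Constructed sample traffic: documentation IP ranges, made-up paths.
SAMPLE_LOG = [
    sample_line("203.0.113.7", "/cms/install.php", 404, "ZmEu"),
    sample_line("203.0.113.7", "/webmail/index.php", 404, "ZmEu"),
    sample_line("192.0.2.50", "/dbadmin/", 404, "-"),
    sample_line("192.0.2.50", "/db/?x=1", 404, "-"),
    sample_line("192.0.2.50", "/mysql/", 404, "-"),
    sample_line("198.51.100.23", "/favicon.ico", 404, "Mozilla/5.0"),
    sample_line("198.51.100.23", "/index.html", 200, "Mozilla/5.0"),
]
if __name__ == "__main__":
    print(find_probes(SAMPLE_LOG))
```

The ordinary visitor with a single missing favicon is not flagged, while the client with a probe name and the client that walked several nonexistent directories both are.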

Do routine checks of your own website files to look for files and folders you have not installed. If you find something, first check with your web host that they have not installed what you have found, before deleting it. Sometimes these files cannot be deleted by you, so you will need to get your web host’s site administrator to delete them.

For other website security checks and a complete evaluation checklist of your website covering over 120 different aspects of good quality website design visit
