Site hacking risks

The Webmaster World forum provides an overview of the various methods used by hackers to attack sites and redirect traffic in their favor.

Piratage

Therefore, from time to time it is necessary to check a certain number of points by going to the server with an FTP client .
You will find tools to protect or eliminate various violations.

Hacks, symptoms and solutions

Malicious script

When a hacker manages to find an access code to your site, he can bring in a malicious script (malware) hidden on one of your pages, the home page more often, thanks to the iframe tag.

Against this, visit Google's webmaster tools. This type of attack is identified and displayed in the diagnosis. Search engines also report about it in the results, it is enough to search for your own site.

Robots.txt

This file can be added or modified by the competitor. This may prevent search engine robots from indexing your pages!

It's easy to check, enter the URL of the robot to check it!

http://www.example.fr/robots.txt

There is only one robots.txt file (or not at all) and it is read at the root of the site by crawlers.

Clocking

This disgusting name means the fact of posting content that is invisible to users and visible only to search engines. The goal for a hacker is to post promo links on a dubious site, and this greatly harms the SEO and the trust factor given by search engines to each site.

The first parade is the use of the Link Checker command line with the -v option to display all xrefs or Xenu Link Sleuth software.

.htaccess modified

This Apache server configuration file is very powerful because it provides full control over redirects and file access.
A hacker can use it to redirect visitors to his close site. So the effect will be visible in the form of reduced traffic.

You cannot check it from the browser, you must use an FTP client (for example, FreeFTP) to locally repatriate the file and view its contents. It must match the local copy or the default instance provided with the CMS.

Replace Adsense Code

Once a hacker manages to enter your web space and can change something in your files, they can change the client's ad code and generate revenue from your traffic. I often read such complaints on forums: "My income suddenly fell, they are almost zero! What's happening?".
Answer: "Make sure the customer ID in listings is still yours."

The Adsense admin panel provides a means to prevent ads with your client code from being placed on other sites, but you cannot prevent ads with someone else's client code from running on your site (at this time).

If a hacker is a beast, he will change the code of all ads to make the most money and will be quickly discovered, but if he is smart, then hacking may be more difficult to detect.
Suppose a thief visits your site every night while you are sleeping, changes the client code through some script (they are very capable of executing such scripts when there is a lot of money to win), and at dawn, let him return to your site and return your client code. You will see a drop in income, but you don't know how to explain it!

To protect against this kind of cunning hacking, a PHP script is provided on .fr under the Mozilla license: Adsense Checker allows you to automatically check the Adsense code in the string on all pages of the site.

Changing scripts

A hacker can add scripts or edit existing ones on your site. The purpose of these malicious codes may be to use the site to send mass spam, or to control the site or collect banking information.

Again, we have an open source program in PHP for control: Script Checker.
This program attacks smart hackers who can post scripts to your site to change its content on demand. All scripts on the site are compared with the originals in the local directory. In addition, scripts or other files not contained in the source are also detected. This time again nothing is written on the site.

If CMS is used, then for comparison with the online code on the site being checked, you must have a local copy of its code downloaded from the author's website .

With these two tools, you should be able to protect your site from hackers. Launch them from time to time, at different times, and any intrusion will be accurately detected!

DNS hacking

This can happen with a dedicated hosting or server attack. The domain name can be associated with the IP of other sites that will be manufactured in such a way as to mimic the original.
Here you will immediately see the result in the form of a drop in traffic, or a drop in sales, if the hacking is very selective.

You can report DNS using the online DNS report service.

Conclusion

Most hackers see themselves simply by looking at the site. Others are in source code and require scripts to validate them.
In any case, if in doubt, precautions must be taken: change the password... after malware removal.

Webmaster World link. (English).