Website hacked! Find out why and how to stop it

Website hacked! Find out why and how to stop it

Hacking is the seeking and exploitation of weaknesses in a computer system or computer network (Wikipedia). Hackers may be motivated by a multitude of reasons such as profit, protest, challenge or enjoyment. Hacking is not limited to computer devices only but also to websites which are hosted on the computers (servers). It has been noted that the majority of hacked websites belong to small businesses.

According to Forbes Magazine ‘Cyber crime rates have risen sharply with an estimate of 30 000 websites being hacked a day and some infected with different types of malware’.

Too many times people think ‘why would a hacker target my small business website?’ The truth of the matter is that most hackers don’t even know you or care about your business. Hackers hack websites most of the time for completely selfish reasons. They may do it just for fun, as an accomplishment, to spread spam and malware on the internet or to use your website to attack other websites. There is also the possibility of hacking for financial gain or as a form of revenge although these are not very common. This may all sound like bad news but it isn’t. You can greatly minimize the risk of a website hack by changing your habits. That is the very reason for this article – to highlight common security risks and present opportunities for improvement. Lets now explore the main reasons why many websites are hacked.

1. Insecure use of passwords and usernames.

The number one reason why most websites are hacked is poor use of passwords. In fact, this is so prevalent that we have broken it down into three password security risks:

a. Weak passwords.

Did you know it takes only 10 minutes to crack a lowercase password that is of 6 character long? Adding two extra letters and a few uppercase letters it jumps to 3 years. Great caution should be exercised when choosing a combination of characters that makes up your password. The time for easy three letter password is long gone. Hackers are now using sophisticated automated programs to crack passwords and get access to restricted areas of a website with great ease. A strong password should consists of alpha-numeric and special characters such as Th0m@5; instead of Thomas. Make sure that it will not relate to your personal information for instance the year you were born as this can be guessed correctly. A strong password is a combination of capital letters, small letters, symbols and numbers. In addition, the longer the password the stronger it is. Generally 8 characters and above is ok.

b. Using the same password for different online accounts.

Today’s internet user has multiple online accounts. Think of your personal Gmail, Yahoo, Twitter, Facebook account, Paypal, work email, website logins and all those other online accounts. It’s a lot easier to simply use one password for all these accounts in a bid to avoid recalling different passwords. This is a very costly mistake. Why? Using the same password for all your accounts means that a hacker who gets access to any online account of yours automatically has the credentials for all your other online accounts as well. These credentials can be used to access your email account which usually contain references of your other online accounts. This will often include passwords to your web hosting account, giving hackers access to your hosting account. The solution is to use a password manager. Many free cloud based password managers are available where your can store different passwords for different online accounts, then easily retrieve them when a need arises. Tools like the Norton identity safe, Dashlane or LastPass store all your passwords and usually work across devices so that you can use it on PC or on mobile.

c. Saving passwords in web browsers.

It may seem to be convenient clicking the “Remember password” option in your web browser whilst its not a good thing. Browsers like Google Chrome saves your usernames and passwords in plan text files that are not encrypted. Therefore, someone who have access to your computer physically or by any means can search the browser log and view your credentials with no hustles. I guess you already know what will happen next. He will go on to use them without your consent and log into your listed accounts.

2. Installing untrusted toolbars.

Please do not fall in a trap of installing a toolbar from an unknown source. Most toolbars which are embedded in browsers collect private and sensitive data without your knowledge. Did you know that toolbars often act as a starting point for malware to gain access to your computer? Hackers are inserting malicious codes in these toolbars that will supply them with login credentials and passwords extracted from your web browser. It will be like you are now under the CCTV surveillance system as your passwords and everything your are browsing is being reported back. By getting hold of the correct username and password supplied, this is how one can log into your web hosting account then cause harm for his own benefit.

3. Software updates not made.

Sounding like its a minor thing, ooh! Most modern websites are being developed using popular Content Management Systems (CMSs) like Joomla or WordPress. These are third party software that are made available free of charge to help in the rapid development of secured websites. Updates are released periodically with some meant to fix bugs or address security issues found in previous versions. By not updating to the latest version, your website is prone to security issues that would have been identified. Hackers often scan websites to figure out the ones which are still using vulnerable older version. Staying updated to latest version will make it difficult for a hacker to break into your website.

4. Insecurely developed websites.

Most web designers go on developing websites without adhering to good web security standards. Just like a house built on a strong foundation, a website that is built following these standards will be difficult to hack.

Network World noted that “for every website that gets hacked, poor implementation of securing standards is the major contributor”.

Everything has a price, most web design companies that develop secure websites often charge a higher price than the average. This is the main reason why prices differ for designing the same website, hence you should bear this in mind when choosing who to give a contract to build your website. Rare cases exists where companies charge lower prices for a secured product, the golden rule applies that “you often get value for what you have paid for”. Though website security is something that can not be seen to satisfy the client, it should be noted that it is a necessity for every website. People often witness this when they lose the whole customer database containing sensitive financial information to a hacker.

5. Giving administrator access to untrustworthy parties.

It is your responsibility as a website owner to decide who to give administrator access to make changes or updates to your website. Never trust anyone when it comes to security issues of your website. Many websites are hacked not by an unknown hacker but by someone you have previously shared your credentials with. Whenever you want someone to make changes to your website make sure that you create a temporary user account with limited privileges. This user account should be deleted immediately when the person has completed their given assignment. In the event that you shared your administrator password, you should change your password to make sure no one will login without your consent. You should take this seriously if you value the security of your website.

6. Lack of network monitoring systems

Continuous advancement in the networking field has brought new security threats on the table. Many small businesses owners do not put much effort if any in securing their networks, instead they assume “everything is well”. Lack of network management systems like firewalls, anti-malware, network access controls, intrusion detection and prevention system places organization’s information assets at high risk. Threats like brute force attacks, cross-site scripting might be launched to intercept user credentials via a web browser. Once the goal is achieved, compromising a website will follow which will have destructive effects.

You should put more effort to secure your website from getting it hacked because if you don’t, both your current and potential customers can lose trust in you when it gets hacked. After having spent time reading this article, l hope you have learnt something, go and implement these in securing your website. More security issues are emerging due to the evolving of technology so you should stay vigilant. Found this article interesting?, share it with your friends on: Do you have a secure website yet? Reach Angel & Walt Hosting for a more affordable and secured website for your business today.

Do you have a website firewall & security for your website?

Learn more about our Website Security Services
8 things your website should do to grow your business

8 things your website should do to grow your business

One very frequent frustration most business owners have is that their website doesn’t seem to have any positive impact on their business. You pay for your domain renewal and website hosting but nothing ever seems to come out of it. Your website is a recurring expenditure and it seems all you do is pay, pay and pay. Ask yourself these questions?

  • Is my website an expenditure or an investment?
  • Is it a liability or an asset?
  • Does my website take away money or bring me money?
  • How much money has my website made me in the last year?
  • How much money have I spent on my website in the last year?

 

Yes you have a catchy design that looks nice but your business doesn’t need ‘nice’ only. It needs to grow! It needs more visitors, more sales, more customers and more profit. And your business website should support those goals. If it doesn’t then why waste more money on it? Your website should be an asset and an investment. It should make you more money and bring you more business. Let’s look at 8 things your website should do for your business:

1. A 24/7 online business representative.

A website is a very important business asset. It represents your business online and answers frequent questions that a normal business representative is asked. Things like who are you? Where are you located? What are your telephone numbers? What products do you sell and what services do you have on offer? Think about these facts –

  • Your business has opening and closing times.

This is a major limitation because customers are restricted to the time that you are open in order to make an inquiry. A website changes all this and allows you to serve customers night and day and at their convenience. A website never sleeps and will provide prospects with information on a continuous basis. It’s the perfect employee! A 24/7 corporate representative. How much would you pay an employee who never sleeps and is always serving customers no-matter what time of day it is? A website is a LOT cheaper than an employee.

  • You are located in a specific location or locations at a time.

Every business has a physical presence either in one location or multiple locations. No-matter how many locations you can be found in, you are still faraway than the business that has a website. These days people no longer want to travel to find products and services. They prefer to do it online. It’s more convenient and you save on time and transport cost.

  • You have a limit on the number of employees you have.

Imagine if your business has a lot of visitors at the same time. You have a limited number of staff members so it means having visitors and customers wait in line until its their turn. A website solves all of that. It can serve hundreds, thousands and even millions at the same time.

2. Market your business and it’s uniqueness.

Every business is unique and so is yours. Uniqueness is important. It’s what differentiates you from your competitors. Think about it. If you are the same as your competitors then why should a customer come to you and not to your competitors? You need to differentiate yourself and let that differentiation show on your website. Your business must have a unique value proposition, something that tells your visitors that this is ‘us’. This is what we stand for and how we do business.

3. Advertise your products and services.

You are in business to provide your customers with products and service. The best place you can showcase what you do is your own website. Everywhere else you are going to be limited in terms of how you present and advertise what you offer. You will be limited in number of products, words and photos you can use. You are limited by the design, structure and layout of other websites where you may want to advertise. But on your own website you have complete freedom as to how you want the world to see your products.

It’s very important to list each of your products and services on each own page. This makes it easier to share the web address to that product. Let’s say you sell common bricks. When someone asks you about common bricks,, instead of giving them a link to all your products you simply provide them the URL to the common bricks page. This is convenient to your customers and also helps you to rank higher in search engines. It’s important not to just place a page for every product or offering you have but to explain the product. Provide sufficient information to visitors so that they don’t need to phone or email asking questions.

Answer frequently asked questions about the product right there on the page. If you product has photos this should also be included together with any information on product benefits. Lastly, you need to provide your website visitors with very clear instructions on what they need to do to order or buy the product. Don’t assume that they will know what to do, guide them!

4. Sell and accept payments for products and services online.

A good website will not just introduce products to customers. No, it will allow them to order and buy the product or service right there on the website. If you can save your customers the need to visit your offices and make the buying process more convenient then do it. With almost every customer on Ecocash now having a Mastercard, buying online has never been easier in Zimbabwe.

There are now also facilities like Paynow that help you accept payments on your website using methods like Ecocash, Telecash, Visa and Mastercard. You have the option to accept payments online and offer paid delivery services via shipping options like DHL. If you provide a service that need your customers to provide you with custom information then you can always include a website form to capture that information.

5. Gather sales leads continuously.

What happens on your website when someone visits it? Do you even know who visited your website? The reason someone visited your website is most likely because they were interested in what you have to offer. They may not have called or ordered something because they are still researching or they don’t have the funds as yet. It’s very easy for such people to forget you and buy somewhere else. There’s so much competition around and anyone can wow your them away. So what should you do? I’m glad you asked.

You need to give your visitors a chance to give you their contact details. A phone number or an email address will do. This way you follow up with your visitors. You can send them links to your articles about the product they were interested in. How to guides, case studies, promotions and discounts or trial accounts work here. Whatever you decide on doesn’t really matter, what’s important is that you find a way of capturing leads so that your sales team can follow up and help them become customers.

6. Educate visitors and customers about your products and services.

This is a big problem i have seen with many African websites. Even big telecommunication companies continually make it. They offer a product or service and then leave the customer to figure out what to do on their own. You need to educate your customers about your offerings. What are the benefits? What do i do if i encounter problems? How do i get started? This is very important information on a website. If you sell cement as an example, tell your customers how to use the cement. What proportions do i need for floors? How about walls? Offer your visitors something of value. Trust me, they will appreciate it.

7. Attract new visitors to your website.

This is at the end but is probably the most important. If your website has the catchy latest design on the planet but has no traffic then all that money or effort into it were just a waste. Your website must do the hard work for your business. It must attract new visitors who are looking for what you have to offer. If you offer shoe repair services and someone types that in Google then your website must appear in the search results. If someone clicks on that then you have gained a new visitor and quite possibly a new customer. This process is called search engine optimization.

8. Get insight and data about your visitors.

Who visits your website? What is their age? They come from which country? Do they use mobile devices or desktops to view your website? Which are the most popular pages on your website? How do they reach your website? Most website owners don’t have any data or information about their website visitors. They are completely clueless. In order to be able to continually improve your business, you need to know who you are serving and be able to make changes as necessary. A service like Google Analytics can provide immense value.

Consider this example – You offer a service and require your customers to come and fill in a form at your offices. When you look at your website you discover that 75% of your website visitors are from the UK. Requiring such visitors to come to your offices is simply not practical. You have to make changes if you want to convert these visitors into customers.

Conclusion

Does your website make you money? Tell us in the comments below. If you liked this article please share it with your friends.

Get yourself a website that ACTUALLY makes you money

At Angel & Walt we specialize in building websites that help you grow and succeed.
click to find out more
Feature request: Unblock your IP address

Feature request: Unblock your IP address

Unblock your IP address.

We are pleased to announce the addition of a feature request to your hosting account.

Data security

Data security is of paramount importance at Angel & Walt Hosting. Because of that we have taken steps to protect your web hosting account and its data to ensure that only the people who have the necessary credentials are given access to your account.

Server firewall

One of these steps is a firewall at the server level. This works by blocking access to anyone who tries to log into your account and enters either a wrong password or username a number of times. The server checks the IP address of the offending access device and blocks it from accessing your account. If the offender was a hacker or someone trying to gain unauthorised access to your account it means that your account is kept safe. On a daily basis thousands of such ‘trespassers’ are denied access to online accounts. Without such a firewall it means someone could keep trying over and over again until they gained access to your account.

Reasons why you may be blocked

Unfortunately the firewall sometimes blocks legitimate users. Maybe you forgot your recently changed password or you tried entering your Gmail password instead of your cpanel password. Or you probably missed one letter from your username. The end result is that the server will think that you are a hacker and will block your IP address in the firewall.

Up to this moment you had to contact our support staff in order to regain access to your account. Many of our users have requested that they would want the ability to unblock themselves without contacting support. Today we are pleased to let you know that this is now possible – You can now unblock yourself from within your Client Area on our website!

So how do you know if your IP address has been blocked?

There are steps you can take to find out if your IP address has been blocked. If you visit any URL address associated with your domain they will not work e.g. yourdomain, yourdomain/webmail, yourdomain/cpanel. If you use Outlook for email you also won’t be able to send or receive emails.

How do i unblock myself?

Step 1: Login to your Billing Account and enter your Client Area credentials. You received these via email when you signed up for our services. If you have forgotten them you can easily reset your password on the same URL above.

Step 2: Once logged in simply visit Unblock IP. The system will detect your current IP address and give the option to ‘Check for IP block and remove’

You should now be able to log into your account without problems. If the above does not work the contact our support team by visiting the Support Centre on our website. We are available via Live Chat, Telephone, Ticket system or email.

Enjoy your day and remember- let us know of any areas you want us to improve on. We appreciate your feedback

Introducing our redesigned, responsive website

Introducing our redesigned, responsive website

As a part of our ongoing efforts to improve customer experience at Angel & Walt Hosting, we’re pleased to announce the launch of our new website! The all new AngelWaltHosting.com boasts a number of features designed to improve the site’s overall usability, organization, speed, and clarity. Not only have we refined and modernized the content and design, but the new site also emphasizes our dedication to Customer Support.

Our site redesign was done with our customers in mind, with the goal to improve the overall experience when they visit the site and present to them an honest and transparent representation of Angel & Walt Hosting.
We’ve included a number of additional changes that improve the site’s usability – and make our customers’ lives easier. The inspiration for these changes is our number one priority – to add value to our clients, which starts the moment a customer visits our website. We want to ensure that all the information a customer is looking for is easily accessible and clearly explained.

With this redesign, we’ve made improvements to everything from the site navigation to the purchasing process, including:

Reorganized Website Navigation

Our revised site navigation puts all the most important pages right up front, and makes it easy for our customers to browse the site and quickly find what they need.

Speed & Efficiency

We know how valuable our customers’ time is, so we’ve enhanced the site to decrease our page load times, allowing customers to find exactly what they need in less time.

Simplified Ordering Process

We’ve eliminated unnecessary content and clutter from our shopping cart, making the ordering process even easier for customers.

Modern Website Design

Our new site design is clean and modern, eliminating distractions and allowing customers to focus on the important part of our website, the content.

Responsive Design

Our customers access our website from many different devices, so we made sure to create a responsive website that would not only look beautiful, but also function beautifully on all screen sizes and resolutions.

Updated Content and Support Centre

In addition to small content revisions throughout the site, we have also included a whole new support centre to help our customers further understand our products and get help when its needed.

Our new website is a reflection of our customers’ needs. Every new feature was designed with the goal of educating our customers and helping them purchase and set up their hosting environments even faster. Improving the customer experience is always our top priority and we’ll continue to find new ways, like our redesigned website, to go above and beyond in every way possible.

Pin It on Pinterest