Since February 6, our shared hosting platform was under constant attack by malicious users intent on taking down our server. In the past two days, we suffered many hours of downtime as our team battled this issue.
In the world of web development, two Content Management Systems (CMS) are very popular: WordPress and Joomla. Both are so popular that they are common targets of hackers, and both have many known vulnerabilities. It is crucial to keep your WordPress and Joomla site updated with the latest patches as they are released by Joomla and WordPress. This prevents hackers from having easy access to your site.
Many clients host WordPress and Joomla sites on our shared hosting infrastructure, and the majority of these sites are not patched properly, leaving many vulnerabilities open for hackers to exploit. This week, malicious users took advantage of those vulnerabilities and inserted a nasty script into many of these sites. Once the scripts were uploaded, the attackers were able to run those scripts with the intention of disabling our server. They were very successful with this strategy, and our team spent many hours battling this issue.
While we can do very little about the unpatched WordPress and Joomla sites (beyond warning about the dangers) we have taken a number of steps to combat this issue. First, our team wrote a special program that seeks and destroys the script that the attackers were placing on the hacked sites. Second, we edited our firewall rules to mitigate the affects of the script that the malicious users were using.
If your WordPress or Joomla site is still unpatched, your are still vunerable to a successful (and easy) attack of your website. Please contact our team today to learn what we can do to protect you against these issues.