Loading

PSA: Prevent your website from being defaced or hacked

by Shashi Bellamkonda on January 17, 2010

Subscribe




We are receiving calls and tweets to our Twitter id @netsolcares  from customers who reported that their websites were defaced. We are running a scan to see if we can proactively determine if any hosting accounts are impacted. Proponents of malware, hacking, commonly look for websites with vulnerabilities.  These include weak passwords, third party applications that aren’t up to date or sometimes weakness could emanate from lack of updated anti-virus software on PCs.  As always, Network Solutions takes these seriously and is investigating to find out how these sites were defaced. A large part of the preventing these events comes from users taking preventive steps such as:
Routinely change passwords including FTP/ blog/content management software
Update your blog/content management software to the latest version.
Update any plug-ins or 3rd party scripts or code you may have for your website
Update firewalls & anti-virus on your local PCs.
Make sure your file permissions are set correctly correct and do not allow unauthorized access.
This is not an exhaustive list and these incidents can happen for a number of reasons. Just cleaning it once is not enough to resolve this. You should always take precautions.
To restore your site here are some quick instructions:
You can access backups from your Account Manager by clicking on nsHosting -> Configurations -> Website Backups. You can then restore a snapshot from a date from within the last three days.
A few links on the web that may be helpful to you with the caveat that we have not had the time to validate these are being provided below:

We are receiving calls and tweets to our Twitter id @netsolcares from customers who reported that their websites were defaced. We are running a scan to see if we can proactively determine if any hosting accounts are impacted. Proponents of malware and hacking  commonly look for websites with vulnerabilities.  These include weak passwords, third party applications that aren’t up to date or sometimes weakness could emanate from lack of updated anti-virus software on PCs.  As always, Network Solutions takes these seriously and is investigating to find out how these sites were defaced. A large part of the preventing these events comes from users taking preventive steps such as:

  • Routinely change passwords including FTP/ blog/content management software
  • Update your blog/content management software to the latest version.
  • Update any plug-ins or 3rd party scripts or code you may have for your website
  • Update firewalls & anti-virus on your local PCs.
  • Make sure your file permissions are set correctly correct and do not allow unauthorized access.

This is not an exhaustive list and these incidents can happen for a number of reasons. Just cleaning it once is not enough to resolve this. You should always take precautions.

To restore your site here are some quick instructions:

You can access backups from your Account Manager by clicking on nsHosting -> Configurations -> Website Backups. You can then restore a snapshot from a date from within the last three days.

Here is a earlier blog post that has additional information Minimizing the risk of your site being hacked.A few links on the web that may be helpful to you with the caveat that we have not had the time to validate these are being provided below:
Google: Best practices against hacking
25yearsofprogramming.com :Website security precautions

Find us on Facebook and follow us on Twitter for more posts like this!

Brought to you by Network Solutions®, a Web.com® service.

Related Posts

    • Name

      or… maybe you just got hacked?

    • jeffschmalfeldt

      I have started recieving phone calls from customers alerting me that my web site has been hacked into, been on hold 32 minutes and now 16 minutes, hopefully it can be corrected soon, thanks.

    • RPSSolar

      My web site is affected by this issue. What do i need to do? I been on hold for 45 minuts I need help

    • http://www.shashi.name Shashib

      HI folks,

      Thanks for commenting here, we will updats as soon as we have more information.

    • jeffschmalfeldt

      I have started recieving phone calls from customers alerting me that my web site has been hacked into, been on hold 32 minutes and now 16 minutes, hopefully it can be corrected soon, thanks.

    • RPSSolar

      My web site is affected by this issue. What do i need to do? I been on hold for 45 minuts I need help

    • Pingback: uberVU - social comments

    • http://www.shashi.name Shashib

      HI folks,

      Thanks for commenting here, we will updats as soon as we have more information.

    • sw

      We have been hacked… multiple times. We did upgrade the software to the latest version supported by Network solutions. but network solution does not provide any way to upgrade to the latest. I should be able to go to nwsoultions control panel and upgrade to the latest software.

    • 31510mdg

      Are there intermediary steps that I should be taking to protect my website information, i.e., someone below Hannabernard, said she/he “unassigned the domain name?”

    • http://www.appsolve.com Steven Fisher

      There are many things you can do to continually protect your site. We do apologize for this and have done everything necessary to correct to problem and seal any breaches. I would recommend that you check out Shashi's post that is an update to the site defacement issue.

      http://blog.networksolutions.com/2010/update-we…

    • http://www.appsolve.com Steven Fisher

      There are many things you can do to continually protect your site. We do apologize for this and have done everything necessary to correct to problem and seal any breaches. I would recommend that you check out Shashi's post that is an update to the site defacement issue.

      http://blog.networksolutions.com/2010/update-we…

    • http://www.appsolve.com Steven Fisher

      There are many things you can do to continually protect your site. We do apologize for this and have done everything necessary to correct to problem and seal any breaches. I would recommend that you check out Shashi's post that is an update to the site defacement issue.

      http://blog.networksolutions.com/2010/update-we…

    • http://www.appsolve.com Steven Fisher

      We do apologize for this and have done everything necessary to correct to problem and seal any breaches. The best way to update you on the site defacement is to check out this update from Shashi on law enforcement involvement.

      http://blog.networksolutions.com/2010/update-we…

    • http://www.appsolve.com Steven Fisher

      We are currently in the process of removing the defacements from affected sites and expect this to be completed this morning. If your site has been defaced please try to republish or restore your backup. If you need help, please contact http://networksolutions.com/support/ or on Twitter @netsolcares

      I would recommend that you check out the rest of Shashi's post that is an update to the site defacement issue.

      http://blog.networksolutions.com/2010/update-we…

    • http://www.appsolve.com Steven Fisher

      We are currently in the process of removing the defacements from affected sites and expect this to be completed this morning. If your site has been defaced please try to republish or restore your backup. If you need help, please contact http://networksolutions.com/support/ or on Twitter @netsolcares

      I would recommend that you check out the rest of Shashi's post that is an update to the site defacement issue.

      http://blog.networksolutions.com/2010/update-we…

      Thanks for your patience as we work to fix this.

    • scarp825

      When does Network Solutions feel this problem will be corrected?

    • 31510mdg

      YES, I'M A NS CUSTOMER BUT I CAN'T GET INTO THE SITE TO REPUBLISH IT…ALL I'M GETTING ARE REPEATED MESSAGES -YOURS AT LEAST OFFERED A SOLUTION-I WANT SOME ACTION TAKEN ASAP…MY WEBSITE POPS UP WITH PALESTINIAN MILITIA….
      WHAT IS BEING DONE?????
      HAS ANYONE CONTACTED THE AUTHORITIES, I.E., FBI, AS SUGGESTED BY SOMEONE?

    • 31510mdg

      I JUST SENT A BLOG EXPRESSING MY FRUSTRATION…I CANNOT DO ANYTHING….I WANT SOME HELP WITH THIS….THANK YOU!

    • jacoba2

      If you don't want your customers calling to say your site has been hacked get a Scanning service that monitors your site to prevent exposer.

    • http://www.appsolve.com Steven Fisher

      It should be fixed by now but if you have found your site hacked please contact us at email or call us. 1-800-333-7680 (U.S. and Canada) or 1-570-708-8788 (Outside the U.S.)

      You can also reach out through Twitter @netsolcares

      In the mean time, please check out our update on the Network Solutions blog:
      http://blog.networksolutions.com/2010/update-we…

    • http://www.appsolve.com Steven Fisher

      The authorities have been contacted and we are working with them.

      It should be fixed by now but if you have found your site hacked please contact us at email or call us. 1-800-333-7680 (U.S. and Canada) or 1-570-708-8788 (Outside the U.S.)

      You can also reach out through Twitter @netsolcares

      In the mean time, please check out our update on the Network Solutions blog:
      http://blog.networksolutions.com/2010/update-we…

    • http://www.appsolve.com Steven Fisher

      We are doing everything to resolve this matter and almost all sites have been restored.

      It should be fixed by now but if you have found your site hacked please contact us at email or call us. 1-800-333-7680 (U.S. and Canada) or 1-570-708-8788 (Outside the U.S.)

      You can also reach out through Twitter @netsolcares

      In the mean time, please check out our update on the Network Solutions blog:
      http://blog.networksolutions.com/2010/update-we…

    • drshelleyreciniello

      The person in charge of our site is trying to deal with you to repair it. But Ihave been told by a fomer FBI person that they need to see the content of this terrorist propaganda to see if it is code i.e. signal to other terrorists etc. ARE YOU really telling the FBI about all this???? It is essential that we do nothing to jeopardize their ability to find them and prevent an attack. On the personal side, it seems that it is Network Solutions that has the security issues and not individual users. Come on guys take the blame!!!

    • chapmuzic

      my site was jacked and it still has not been corrected not sure when it happened but I just noticed it today

    • 31510mdg

      I had NS 'republish' my website; it did not resolve the situation!!!!

      The problem has NOT been resolved; I HAVE NO ACCESS TO PROTECT MY WEBSITE OR CHANGE MY PASSWORD!!!!!

    • bisara7a

      my website was hacked 4 times in 24 hours
      how the hell are u helping me networksolutions????????
      dooooooooo something

    • Chad Kealey

      Ummm…how about giving customers a secure alternative to FTP? Don't get me wrong, passwords do need to be changed frequently, but passing them in clear text just makes it too easy to intercept them.