our website is all up-to-date. You have even implemented active security measures in the form of a firewall or scanners. Still, your website keeps getting hacked?!?
Have you checked that this is not a result of cross-site contamination?
What is cross-site contamination?
Have you heard that old saying – “One bad apple spoils the barrel”? This is the best description of cross-site contamination.
It occurs when there are multiple websites hosted on the same server environment. Imagine that the server is the barrel and each of those websites is an apple.
Often agencies or developers will place multiple sites on the same server either as a temporary measure or as a permanent solution to save time and money as it simplifies connectivity and maintenance. BUT this also means it is simpler to hack.
Hackers basically look for website and server setups with these sort of vulnerabilities and will hit them hard. One site on the server can be an entry point, but it will cause hacking issues on all the other websites that share that server. What can make diagnosis even more problematic is the fact that this ‘entry point’ site, whilst causing the hacks may not even itself be the one that is showing visible hacks in visitors browsers (pharmacy adverts, fake bank login pages, etc.)
Well-meaning server owners will clean and protect the sites that are showing obvious signs of infection however this will not necessarily solve the problem – just because a site is showing signs of infection does not mean it is the entry point site and the more sites that share the environment the harder it can be to root out that bad apple site.
How to prevent cross-site contamination?
In a perfect world, the best way to prevent cross-site contamination is to have a server per site setup. Often this sort of setup is just unrealistic with spiraling costs forcing owners or website managers to group websites together.
In which case some basic ‘housekeeping’ practices will vastly help to control and prevent this type of infection:
1. Get rid of anything that you don’t need. If you have an old installation that you are not currently using – zip it until you need it so it is not live and active.
2. Keep separate user, admin and file permissions for every site (this relates to files and database). Where possible create a separate account for each website on the server – so the web user that serves up that site only has file permission access to the files of that site and not the files of any other websites on that server. Do the same for database users. Each account should have permission to work only on that website and thus even if it gets hacked it will not allow automatic connection to all the other websites on the server.
3. Last but not least – implement pro-active security solutions on all the sites on the server. Protection of just one website on such a server or all except one will not be enough in most cases. Each of those websites is an entry point and it is key to close off all those entry points.
…One bad apple spoils the barrel…so make sure all the websites are protected.
We Can Help Save Your Business
SITE FIXED IN LESS THAN 1 HOUR
WordPress website defaced ? If we don’t fix a defaced website in less than 1 hour then we do it for FREE!. Luckily for us we are very good at fixing sites fast!