So, it finally happened: when Icarus flies too close to the sun, his wings will burn and he will tumble down hard…
My website got hacked and it was completely my own fault.
I have never ever been big on internet security. I do not have an anti-virus, I download weird programs from wonky websites and I honestly did not feel the need to change up my passwords every now and then. So, it will not come as a surprise when I tell you that one morning, I woke up with almost thirty emails in my inbox, of people telling me something weird was going on with my website…
My blog posts had changed, new blog posts had sprouted and weird people were commenting on my website. What happened? Links to gambling websites, to not so kosher news sites and other weird link juice and advertising was put on my website and I honestly had no idea why, how or who could have done this.
I made a mental list of all the things I signed up for in the last couple of weeks. I thought about all the people I contacted, about weird emails I might have had and about people I know that might want to “fuck me and my website over”. But again: I could not find an answer to my questions of why and how, so the best thing I could do is to prevent this from happening in the future.
I honestly must laugh when people use the cliché of “my home on the web” when they talk about their website. But there is some truth in it, in so far as that you would not leave the windows and doors of your house open for people to come in and rob you, move your couch or sleep in your bed. Therefore, it is important to secure yourself against people that might not have the best intentions for you or your website
How to protect your website from hackers
Hackers are not the computer geniuses with the black hoodies that stare at green text on a black background anymore. Most hackers that hack into websites like yours and mine are situated in countries like India, Pakistan and Russia and are just normal 9 to 5 workers that are given a computer, a program and are told to try and get into a list of websites for them provided. They let robots called “bots” run through your website and look for ways to get in, ways to post comments and links and to get their clients’ name out there and leech of your DA and link juice.
One of the best ways to protect you against this is by adding Captcha’s to your website. This means that whenever someone wants to post a comment, wants to login or in short – wants to do anything except for browsing through your website, they must prove that they are not bots.
Use brute force protection
Some hackers will go even further. They will use brute force to gain access to the backend of your website.
Think of brute force as someone ramming your door in with a hammer or an axe: you will have to have a damn strong door for it not to give in! These people will send loads of traffic to your website to make it take its defence down. Too bad this actually works well.
With Brute force protection on your website, a little program will block out any IP addresses that have tried to enter your website too many times and failed. This is the equivalent of putting up a steel wall in front of your house so that the intruder has no way whatsoever to reach your house anymore.
Yes, I did have myself locked out loads of times as well. I am very bad with passwords and thus when I first started, I got locked out gazillion times. Getting back in is easy as you can contact your hosting service to let you – and your IP address, back in.
* compensation was provided for the posting of this video