Keeping Your Website Safe

Sucuri

Today we talk about malware (a virus on your website). You are going to have a hard time growing your audience if they are afraid of coming to your site. Special thanks to Ms. Ilene of basic blog tips for pointing out that one of my sites had an issue (which has since been fixed).

Here is the advice I got from my web hosting company:

Upon investigation, we removed a set of malicious injections and scripts and traced it to a compromised FTP password.

From our experience with malware of this nature, the user account passwords are compromised though viruses/malware located on your local computer. This malware sniffs out passwords used and stored by FTP programs or e-mail clients. In order to protect against future attack, you will need to run full virus and malware scans on your computers to ensure that they are clean. I recommend using multiple scanners as we have found that some scanners do not detect the malware. Malware Bytes ( http://www.malwarebytes.org/ ) and ComboFix ( http://www.bleepingcomputer.com/combofix/how-to-use-combofix ) have been reported to be able to clean this malware. It is highly suggested that you also do the following:

* Any computers legitimately allowed to access the account must be updated fully (Windows updates, browser updates, application updates, anti-virus updates)
* Any computers legitimately allowed to access the account must be completely scanned for viruses and secured completely

If you are seeing a warning page in your browser (Firefox, Chrome, Safari), please follow the directions on the following page to get rid of the red warning page: http://www.google.com/support/webmasters/bin/answer.py?answer=45432 . If these directions are not followed, this page will continue to show up for quite some time.

Sucuri Can Help Detect and Clean Malware

Sucuri Security According to an article from the Sucuri company (a great service that will detect and clean up malware for you ). Here are some things you can do:

1. Keep EVERYTHING up to date. This means your computer, your virus detection software, your browser, your wordpress, etc. Everything. These are often programs that get your passwords from FTP programs, and then use them to get into your control panel.

2. Don’t forget about those “test sites” you started and left for dead. Those outdated sites can be a crack in the security.

3.  Don’t give someone administrator rights if they are just going to be and editor. Once their job is done, delete their account.

4.  Come up with a better than average password. I use Last Pass to manage my password (and even think them up).

5. Backup your website on a regular basis like Backup Buddy

Podcast Success with Cali Lewis

Cali can be found at geekbeat.tv and she shares how she has been able to:

1. Jump Out of airplane with the US Army Golden Nights

2.  Fly brand new 787 airplanes

3. Play in the GM Win Tunnel

Check out her “Shiny happy tech news at geekbeat.tv

Last 5 in 5 From Nick Suberling

Nick produces a podcast about podcasting, and I got to hang out with him a little at the New Media Expo. You can find him at startpodcastingnow.com

1. School of Podcasting

2. The Audacity to podcast

3. Podcast Answer Man

4. Five Lives Football Daily

5. The 606

Smallest Podcasting Rig

I just bought a cable that allows my to plug my Audio Technica 2100 into my Roland R-05 recorder. If you are a person who is going to be podcasting “On the Road” this is an easy way to get a great inexpensive podcasting microphone connected to a rugged easy to use recorder.

Managing Multiple Websites wit Manage WP

If you have more than one podcast (With each one having its own website), Managewp makes it super easy to do things like upgrade your plugins, your themes, etc on all of your websites from one login. It can monitor to see if you have malware on your website (it doesn’t clean it, but it alerts you so you could alert your website hosting company). If you have multiple sites, its a HUGE time saver. It also can check to see if you have malware on your site (it won’t fix it, but you could contact your hosting company and they will clean it for you).

 

Listen to the Episode Below (00:32:28)
Receive These Notes In Your In-Box Automatically!
We never spam you

Tags:

Leave A Reply (1 comment so far)


  1. Ileane
    2 years ago

    Hi Dave,

    I’m glad you got your site fixed.
    WordPress security and taking backup is something we all need to be proactive about.

    Thanks for the shout out!!

Instant Access

Start Podcasting Today

Member Login

Email:
Password:
Remember   

Forgot Password

Podcast Consulting

X

Free Subscription

Subcribe to the School of Podcasting in iTunes

Listen to Stitcher

Subscribe to the School of Podcasting SOP

Listen Now

Blubrry player!

Past Shows