Hackers are notorious for breaking into places they aren’t wanted and just doing stuff for fun. Sometimes they actually do some damage. Lately, the hackers have been getting much more sophisticated. They’ll enter your blog or CMS and drop a file on your server that inserts JavaScript on various pages that redirect visitors back to one of their own sites. Very clever.
The problem with some of these files is that if you delete them they return a few days later. It’s not cool.
But how do they do that?
When a hacker breaches your site’s security they will often leave a hole for themselves to come back through. Even if you patch the security hole they will return because they’ve given themselves another way in. That’s why it is extremely important to upgrade your blog or CMS software whenever developers create a new one. Don’t pass those opportunities up. You’ll regret it.
Tags: blog software, CMS, hackers
Hi Caroline,
I've had this happen perhaps 20 times to different sites I own. The problem was particularly bad about a year ago. My own situation involved a virus being planted on one of my desktop computers which then picked up ftp logins and relayed them on the the hackers. Fixing the problem files was useless because the hackers could just simply login and do the same thing over again. To fix it required a) getting rid of the virus on my desktop computer and b) changing the ftp login and pw for the site in question.
I have heard quite a few people describe a similar problem but clearly misdiagnose the cause. In my experience the problem was not the result of a "security hole" and upgrading the software would have simply been missing the cause of the problem. Obviously there are different problems out there and one solution does not fit all of them.