Website Security Resources
This page is for collecting a list of security resources to help Servage customers:
- Prevent their websites from being hacked
- Investigate and find out what's wrong if they do get hacked
- Repair and better secure their sites (self installed or via our Autoinstaller)
- Learn more about website security
If you find other useful resources, please post links to them here to help other Servage users so we can all keep our websites safe.
How to protect site from getting hacked. How to repair hacked site.
WordPress Malware Script Attack Fix
Summary of how to prevent hacking:
- Keep your software updated
- Use strong passwords, and use a different password in every place where a password is needed
- Always keep your WordPress, forums, and other scripts updated to the most recent version
- Be careful about security when you write your own PHP scripts. It is very easy to create a security hole by accident when writing your own code.
- Keep viruses and spyware off your computer
Summary of what to do after a hack:
- Log into our control panel
- File a support request ticket with Servage. We may assist with cleaning up files that might have been affected.
- Change all your passwords
- Find and repair any malicious changes that were made to your site. You might find control panel > Online File Manager a useful way to identify pages with recent unauthorized modifications.
- Find and repair the security problem that allowed the hackers to enter your site.
To get a report about potentially malicious invisible links in your web pages, see http://www.unmaskparasites.com/.
How to protect your WordPress site
How to protect your Joomla site
Where to look up security advisories about third party scripts
Search for the name of the script at http://secunia.com/advisories/search/.
Monitor your site's status and be informed if Google detects a compromise
Webmaster Central has a link to Google Groups where you can ask for help with security issues.
Where to find your IP address
You can find your IP address at http://whatismyip.com.
Can I find if someone tried to log into my control panel?
Yes. If you enable GeoIP security for your account from Your account -> Account security then it will prevent any unwanted IP to access your control panel and will list those IPs which have attempted to login in your control panel.
Where can I see the files in my site?
Go to control panel > Online File Manager.
What is the FTP address of my site?
It is: ftp://ftp.servage.net/