Your Website Just Get Hacked? – 3 Tips To Minimize The Downtime

No matter what you do, at some point in time your website will go down. It’s inevitable. Perhaps your server will crash. Maybe your website will get hacked. Perhaps your database will get corrupted. Whatever it is, it is crucial that you be able to recover from these calamities as quickly as possible.

Our online store was recently hacked. While I’m still not 100% sure how they got in, I was able to recover from the attack in a very short period of time. Why? Because I was prepared.

Don’t kid yourself. Even if you are up to date with all of the security patches and you think your

hackergutter

Photo by Gutter

code is robust, someone someday will break into your website if they want to. There are far too many exploits and patches to keep track of that any experienced hacker can and will take advantage of.

Adjust Your Attitude

The first thing you need to accept is that your website is not invulnerable to attack. By taking on the attitude that your website will get attacked at some point, 3 things immediately become obvious.

  • You need to be able to detect that your website is down as soon as possible
  • You need to be able to detect whether your website has been hacked
  • You need to be able to diagnose and repair the problem quickly and efficiently to avoid downtime

Two things happened relatively recently that caused me to beef up my website recovery protocols. In one case, my database got corrupted because one of my machines went down. In another case, my online store got hacked. The hackers were pretty clever. They inserted hidden links in my php code that I would never have noticed unless I was paying attention.

After these events occurred, I immediately made several changes to combat these issues. Here’s what I did.

I Signed Up For A Site Monitor

You can’t always be around to tell if your website is running or not. For me, I would say that I’m in front of the computer monitoring my websites less than 10% of the day. The other 90% of the time, my sites could be down without my knowledge.

Fortunately, there are many services available that you can sign up for to monitor your website uptime. These services will ping your website at select intervals and then email you if your website is down. The service I use is called SiteUptime.com, but there are many other ones out there that I’m sure are equally as good.

The good news is that most of these services are free. If you require a more complicated uptime test protocol, you can usually pay a small monthly fee to gain the ability to perform more intricate monitoring tasks. For most people though, the free service is usually more than adequate.

I Set Up A CheckSum

Monitoring your site for downtime is all fine and dandy, but it will not be able to detect when you are hacked. These days, most websites are broken into through the use of php exploits or SQL injection vulnerabilities. Sometimes, hackers will gain access to your site because of weak ftp passwords as well. Whatever methods they use, your files will get altered or defaced in a non desirable fashion.

To help detect hacks, I’ve setup an hourly cron job that generates a checksum of my entire website. This checksum is a unique number that represents the contents of all of my web files. If any of the files are altered in any way shape or form, the checksum will no longer match. If the checksum does not match, I know that I’ve been hacked or someone has tried to alter my files.

Setting something up like this is extremely easy to do. All you need to do is to run the following unix command to generate your checksum

tar cf – /dir | md5sum

Once this initial checksum has been calculated, you then need to set up a script to run this command once per hour (or whatever interval is desired). This script calculates the checksum and then compares it to the known good generated checksum. If the checksums are different, then have the script email you letting you know that you’ve been hacked.

Setting all of this up takes just 20 minutes and could save you a ton of heartache if you are ever hacked. The absolute worst thing about getting hacked is that Google could flag your site as a malicious website which would flush your page and search rankings right down the drain.

I Set Up Automated Regular Backups

Discovering that you’ve been hacked is no good unless you can recover. That is why it is crucial to have a good backup handy to restore your website. Most websites these days are composed of both a website and a database backend. Both parts of the website need to be backed up regularly. For our online store, regularly means at least once a day and sometimes once every several hours.

You don’t have to store each and every backup permanently. You can create a circular buffer of backups such that you only keep the last 30 days worth in order to preserve disk space. Being the paranoid person that I am, I backup my stuff on the server itself, at home and at a remote location in case of a fire.

If I get hacked or my database gets corrupted, I’m usually alerted by email fairly quickly and I can usually have my website back up and running in a reasonable amount of time.

Key Takeaways

No matter what you do, any determined hacker can break into your server or website given enough time. Your web server hardware could also fail at any time and corrupt your database.

Especially if your website is mission critical to your business, you absolutely need to be able to recover quickly from any sort of downtime. At a bare minimum, you should implement the simple protocols described in this article. I’ve been caught off guard and with my pants down in the past. Learn from my mistakes!

Ready To Get Serious About Starting An Online Business?


If you are really considering starting your own online business, then you have to check out my free mini course on How To Create A Niche Online Store In 5 Easy Steps.

In this 6 day mini course, I reveal the steps that my wife and I took to earn 100 thousand dollars in the span of just a year. Best of all, it's absolutely free!

Give Me Access To The Free Course!
Enter Your Email Address:

Similar Posts

Have you read these?

18 thoughts on “Your Website Just Get Hacked? – 3 Tips To Minimize The Downtime”

  1. Links to free site monitoring service mentioned, please? Thanks!

  2. B7 says:

    Great post. I have a couple questions.

    1. Did you come up with the checksum solution yourself? I wonder if it will really do what you want. Consider this: could there ever be a time when the checksum changes without the kind of file update that you are expecting?

    2. What directories are included in the checksum? Does it include blog? Databases?

    3. How long does it take to run the checksum? For a large site, would it consume a lot of CPU time?

    1. Hey George,

      Excellent questions! I definitely didn’t come up with the concept of checksums. We use checksums at work to make sure that customers haven’t changed the code when asking for support. I merely extended that concept to my websites. There are certain files that get updated that you must specifically exclude from your checksum calculation. For example, you wouldn’t want to checksum your logfiles.

      I’ve included only text files in my checksum. These are php files that should never change while the site is running. The database is a bit more complicated and involves only extracting the tables that you aren’t expecting to change to calculate the checksum.

      My sites are all fairly small so it consumes a negligible amount of CPU time. If I had to scale this method, I would probably divvy up my sites into different checksums and calculate different portions throughout the day.

  3. I would also say make sure that your PC’s security software is updated. That is how I discovered the first hack on my site was through an alert via Kaspersky. It took that and Spybot S&D to clean off my machine, because the hack was caused by malware on my system that stole my FTP credentials, which allowed the hackers to add malicious code to my site.

    ~ Kristi

    1. Hey Kristi,

      Interesting. So the malware found your ftp password from your PC and then hacked your website? Wow I better be careful. Do you use secure ftp to transfer files?

  4. These are some excellent tips. I am not as vigilant as I should be and this should give me some concrete steps.

    Kristi points out the length to which hackers will go. Kevin D. Mitnick also makes this point frightfully clear in “Art of Intrusion”, which I recommend to everyone.

    Cheers,

    Mitch

    1. @Mitchell
      Yep. I wasn’t as vigilant either until it happened to me for the first time. Hopefully, your site will never get hacked

      @Jared
      Backups and discovery time are the key. Glad to know that you recovered your site quickly

      @Mark
      I make sure that I don’t store any sensitive information on my database at all (ie no credit card numbers etc…) Then I have a cron job which backs everything up and emails me. In addition, I have an automated sftp job that grabs the latest snapshot as well.

      @Jonathan
      Thanks! I hope everyone takes some basic measures to ensure that their site stays up. It’s not going to stop everything but probably the majority of attacks that a person is likely to face.

  5. Great stuff! Always have the backups of your site. My site was hacked once and it wasn’t a big deal. I was made aware of it maybe 12hrs later and simply uploaded the backup. All back to normal!

  6. Great tips! I’m interested in knowing how you automate your database backupsnot just on the server, but to your computer.

  7. Hey Steve,

    I once thought that getting hacked only happened to the other guy. Well, two hacking experiences later I realize that it is only a matter of time. Sooner or later it happens to everyone, so this article concerns everyone. Thanks!

  8. One other thing I do is a one-way sync of files from my desktop to my site via a program like SyncBack. Basically, if any file gets on to my web server that isn’t on my desktop, it is deleted. This is more resource intensive than a checksum calculation, so I certainly don’t do it hourly.

    1. @Marios
      That’s an interesting solution. It reminds me of how my friend backups his desktop at home to his NAS.

      @dave99
      I never thought of buying insurance. What do the premiums look like and what sort of coverage do you het?

  9. “Even if you are up to date with all of the security patches and you think your code is robust, someone someday will break into your website if they want to. “

    Dam this made me think of just how important it is that people take website security very seriously, along with all the great points raised on this post , I would like to mention that recently I took out website insurance. Part of the policy is to cover against this type of situation. http://www.websiteinsurance.co.uk

    I own a few small websites in the UK however I now sleep a lot easier knowing I am covered

  10. They aren’t significant, but does it really hurt to use two or three highly targeted keywords?

  11. One way to make sure you aren’t hacked.. keep your software updated. This is the most common method of getting compromised.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>