David Kierznowski from BlogSecurity.net asked me to become a blogSec guest blogger, and write about my experiences with some blogs getting hacked.
Getting hacked can cause a lot of headache, specially if you don’t know what to do about it.
Unfortunately, most bloggers and site owners don’t really care about it, as they don’t care about backups.
When I first experienced it, I asked around. The answers I received were all the same:
1) Keep changing cPanel password periodically and keep the password hard to guess. – OK
2) Always ask all your clients to keep their scripts updated to latest version at all time. – OK
3) Make sure your backups are up to date! – OK
4) Check your log files and make sure to block the culprit IP. – Sounds good.
5) Make sure mod security is installed on your server. – Yup.
All the above sounds great, but it does not and will not address the root cause of the problem.