Modernizing Authentication — What It Takes to Transform Secure Access
Google recently created a new "Help for hacked sites" informational series aimed at helping Web site owners recover their hacked Web sites. The series includes articles and videos covering everything from what it means to be hacked to how to diagnose specific types of malware infections.
In a blog post announcing the series, Google Developer Programs Tech Lead Maile Ohye notes that StopBadware and Commtouch’s 2012 survey of more than 600 webmasters of hacked sites found that 26 percent of site owners said their sites were still compromised, and 2 percent had completely abandoned their hacked sites.
Ohye offers the following essential security advice to site owners:
- Be vigilant about keeping software updated
- Understand the security practices of all applications, plugins, third-party software, etc., before you install them on your server
- Remove unnecessary or unused software
- Enforce creation of strong passwords
- Keep all devices used to log in to your web server secure (updated operating system and browser)
- Make regular, automated backups
"We hope that by adding our educational resources to the great tools and information already available from the security community, more hacked sites can restore their unique content and make it safely available to users," Ohye writes. "The fact remains, however, that the process to recovery requires fairly advanced system administrator skills and knowledge of source code. Without help from others -- perhaps their hoster or a trusted expert -- many site owners may still struggle to recover."