Secure Web Hosting: Why You Need It

I didn’t wake up on Sunday morning thinking about Secure Web Hosting and yet, by the end of the day I was writing about it.

So, what prompted this?

Like many business owners, one of the first things I do, when I wake up, is check my business emails. Yes, even on a Sunday. Just because it’s the weekend business never stops, especially if you work in the digital realm.

One of the reasons I check my business emails is that we provide secure web hosting as a service and I like to make sure that there are no alerts from any of the websites we host.

If there’s nothing I carry on with my morning routine. If there is, I open it to review the severity of the alert, and if there’s any action I need to take.

This was one of the mornings when there was something to do, my coffee had to wait. I had a security alert from one of the sites we manage, saying it had detected an admin login.

I looked at the admin username and noticed it was from the hosting company we use to host our client’s website. Now there’s nothing overly suspicious about that, they regularly log in to update WordPress core and plugin versions. However, the time the alert came through seemed odd, Saturday night, 11:18 pm which isn’t normal.

Noticing this, I immediately forwarded the alert email to the guys who run our secure web hosting, Paul and Ade, to check if it had been them. Not long after I received an email back confirming it was, and also providing the reason why.

There are several layers to our secure web hosting and I’ll get to all the nuts and bolts a little later on. For now, let’s look at this specific layer, which when a new user is created on any of our client-hosted websites, the hosting company get an alert.

The alert tells them that a new user has been created and on which site. This is often a tell-tale sign that a website has been hacked. However, unless you have an alert in place, you would never know until it’s too late.

In this case, it happened just after 11 pm on Saturday night. I was in bed at the time so I didn’t see it but one of the hosting guys did and jumped straight on the server to have a look.

Logging into the website, he noted that a new user had been created, called ‘wpadmin’. Realising there was a good chance it was dodgy, the tech removed the user, did a sweep of the site to ensure there were no further signs of a security breach and locked the site down again.

This was music to my ears, as I knew there would be little else for me to do at this point and the site was in good hands.

At first glance, the guys were unsure how the breach had occurred; however, 24 hours later Paul was back with the answer and a solution.

How had the website security been breached?

The breached website had been infected a number of years ago and we were involved with cleaning it up and transferring the hosting from elsewhere to over to us.

Over that time, we have kept this site and the others we host under strict security measures, with multiple levels of security both at the website and server end.

As well as the security measures, its WordPress version and plugins have been kept up to date to reduce the possibility of further attacks, as they are often the source of security breaches.

Then, out of the blue, a few years later, one Sunday morning, we start getting alerts, which was a complete surprise.

I’ve worked with Paul and Ade for many years and am always impressed by their ability to not get flustered in the face of unknown technical issues. The calm and methodical way they troubleshoot problems and the manner in which they resolve them is almost Jedi-like.

First thing Monday morning, Paul messaged me to say that they’d found something and asked if was I familiar with the concept of a “Database Trigger” – I was not, so he went on to explain.

What is a Database Trigger?

A Database Trigger is a standard database coding technique that “watches” a database table and is executed automatically when a certain event occurs in a database.

For example, you could create a trigger that is executed whenever a new record is inserted into a database table. The trigger could then do something like update another table, send an email, or log the event.

There’s nothing wrong with database triggers, they are perfectly legitimate and a powerful tool for businesses that use databases but… in this case, the trigger was the smoking gun and being used by hackers to hijack websites.

How are Database Triggers used to hack websites?

In this case, the trigger was leftover from the previous malware infection. It had been created when it was originally infected and had lay dormant for several years. Until now, we hadn’t been aware of this technique, so didn’t know to look for it.

So, when the website was originally infected, a database trigger had been installed that does the following:

“If an INSERT to the comments table contains the phrase ‘are you struggling to get comments to your blog’ then INSERT a new WordPress admin user with the following details…..’wpadmin’

This is so the hackers, even after a malware cleanup, still have a back door they can use. This is triggered by adding a specific comment in this case, “Are you struggling to get comments to your blog” in an old blog post, and it went undetected, until now.

This is done en-mass by using bots to spam websites to test if their new admin login is live and waiting.

Then, they re-infect the websites of the ones that are, at will.

Now we know about this method, we have been able to identify the specific areas of weakness and apply additional measures to our secure web hosting to reduce the chances of it happening again.

Thankfully, by mid-morning on Monday, the website was secure again and a potentially much bigger issue has been averted.

Although, I know that if anything had happened the site would have been brought back online from the last safe version that had been saved.

Peace of mind for us and our clients.

Why do you need backups?

In addition to choosing a secure web hosting provider, you also need to make sure that you have regular backups of your website. This is important because even if your website is secure, there is always the possibility that it could be hacked or damaged. If this happens, you will need to be able to restore your website from a backup.

There are a few different ways to create backups of your website. You can use a backup plugin like UpdraftPlus for your content management system (CMS), such as WordPress or Joomla or use a third-party backup service.

It’s important to create backups on a regular basis. You should make at least one backup per day, and you should store your backups in a safe location.

This will help you protect your website from data loss, even if something goes wrong.

Why do hackers want to hack your website?

You may think that your website isn’t worth anything to a hacker but just because you don’t think it is, it doesn’t mean it isn’t and it is still important to keep it secure.

Here are some of the reasons why hackers hack websites:

• To steal data. Hackers can steal customer data, such as credit card numbers and passwords, from a hacked website. This data can then be sold on the dark web or used to commit identity theft.
• To spread malware. Hackers can inject malware into a hacked website, which can then be downloaded by unsuspecting visitors. This malware can then steal data, damage computers, or even take control of computers.
• To disrupt a business. A hacked website can be taken offline, which can disrupt a business’s operations and cost them money, especially if the website is used for selling products.

Secure web hosting can help protect your website from these threats. A secure web host will have a number of security measures in place, such as:

• Firewalls. Firewalls can block unauthorized access to your website.
• Intrusion detection systems. Intrusion detection systems can monitor your website for suspicious activity.
• Malware scanning. Malware scanning can detect and remove malware from your website.
• Backups. Regular backups can help you restore your website if it is hacked.

In addition to these security measures, a secure web host will also offer support for proactive website monitoring.

This can help you detect and respond to threats quickly before they cause damage to your website. As was the case with our issue.

How Does Proactive Website Monitoring Work?

Proactive website monitoring is a service that monitors your website for signs of trouble. This includes things like unusual traffic patterns, malware infections, and server errors. If the monitoring service detects any problems, it will send you an alert so that you can take action.

Proactive website monitoring can help you protect your website from a variety of threats. It can help you detect and respond to malware infections, prevent DDoS attacks, and identify server vulnerabilities. This can help you keep your website safe and secure.

What is a DDoS Attack?

A Distributed Denial-of-Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. This can be done by using a botnet, which is a network of infected computers that are controlled by a hacker.

The hacker can send commands to the botnet to all of the infected computers at once, causing them to flood the target website with requests. This can cause the website to crash or become so slow that it is unusable.

DDoS attacks can be very disruptive and can cause significant financial losses for businesses. They can also be used to launch other attacks, such as phishing attacks or malware attacks.

If you’re serious about protecting your website, then you should consider investing in a proactive website monitoring service. This can help you stay ahead of the curve and protect your website from the latest threats.

Here are some of the benefits of using a secure web hosting provider:

• Peace of mind. Knowing that your website is secure can give you peace of mind. You can focus on running your business, without worrying about hackers.
• Increased traffic. Visitors are more likely to trust a website that they know is secure. This can lead to increased traffic and sales.
• Improved SEO. Google and other search engines favour websites that are secure. This means that your website is more likely to rank higher in search results, which can lead to more traffic.

If you’re serious about protecting your website, then you need to choose a secure web hosting provider.

Secure web hosting can help you keep your website safe from hackers and malware, and it can also help you improve your website’s performance and SEO.

What should businesses look for in a secure web hosting provider?

• Security: The hosting provider should have a strong security infrastructure in place to protect your website from hackers and malware. This should include firewalls, intrusion detection systems, and malware scanning.
• Uptime: The hosting provider should have a high uptime guarantee so your website is always available to visitors.
• Performance: The hosting provider should have servers that are fast and reliable so that your website loads quickly for your visitors.
• Support: The hosting provider should have a robust support strategy in place, in case you have any problems with your website.
• Scalability: The hosting provider should be able to scale your website as your business grows.

Once you have considered these factors, you can start comparing secure web hosting providers and choose the one that is right for your business.

How much does secure web hosting cost?

Secure web hosting packages come in all shapes and sizes, and varying costs.

The total cost usually depends on factors such as the amount of storage required, the size of the website, the number of email accounts, the size of the mailboxes, backups and the frequency of them etc.

Our secure web hosting comes in two flavours Gold for general business websites and Platinum for e-commerce sites.

Are we the cheapest, no we’re not. There are definitely cheaper secure web hosting options on the market if cost is your main driver and you don’t place any value on your business website.

Maybe the question shouldn’t be ‘How much does secure web hosting cost?’ Maybe the real question should be, ‘How much is my website worth?’

With many of the bigger hosts, you’re just a number, as they work on volume.

To us, you’re a valued customer who gets treated to great personal service as standard. To them, your website is just one of possibly hundreds or thousands and if one of those other websites isn’t managed regularly, plugins updated and security proactively checked, it can put all the sites on the server at risk.

When you consider some of the big names in secure web hosting have, in recent years, been subject to server breaches of their own, putting thousands of business websites at risk, the cheaper options don’t always work out.

It is unknown exactly how many websites get hacked daily but some estimates put it at around 20,000 plus. Many of which, we believe, could be averted by business owners taking secure web hosting seriously.

What can I do right now to protect my website?

Here are some things you can do right now, to reduce the chances of your website being compromised:

• Install 2FA – see our article “The Increasing Need For Two Factor Authentication“
• Change your password – see our article “The Importance Of A Strong Password“
• Back up your website – see our article “World Backup Day: Backing Up Your Business Website“
• Ask your hosting provider about the security measures they have in place to protect your website.
• Talk to 127 Media about secure web hosting.

I can’t emphasise enough that if you value your website you must take precautions to protect it from potential threats.

One of the best ways to do this is to have your secure web hosting and website maintenance with the same company.

In the daily struggle against hack attacks, one thing we can never be is complacent, and we stick by the adage, “Prevention is Better Than Cure.”

If your website hasn’t been maintained recently, has been hacked and is down or you’d like to know more about our secure web hosting services, please get in touch, we’d love to help.