How Did My Site Get Hacked?

You Have Been Hacked! How Did My Site Get hacked?

hacked_1Have you ever wondered how your site got hacked?  Often it is through a shared site!

You have a site called and on your perfect site you keep all of your security in perfect order. You know that there is not a way possible for your site to get infected with malware. Your server host offers you unlimited domains. Your first site is doing very well, but you want to incorporate some changes, so you start a second site called

On your new site you try new plugins and features that you plan to use on but after a while you forget about You do not update the site or the plugins you have on it, but you still have it as a live site just in case you need it again in the future.

So a hacker comes a knocking on your door and with every brute-force attack they are not able to get into  Your security is tight, and no matter what form of attack they use, they are not getting into your site. They do a search on you IP address and find that you have shared hosting and the site   Using the same techniques as before they find a vulnerable plugin that had not been updated and they were able to gain access.

The first thing that you are going to think is, “That’s on the test site, it shouldn’t matter!” correct? That is incorrect. Even though was secure, it was now infested with viruses and the home page had a graphic saying, “This Site Will Infect Your Computer!!” for all visitors to see.

Both sites are on the same shared account with and managed by the same user. If there is vulnerability on either site it may be used to attack the entire account. Once on the server the attacker was able to introduce malicious code from backdoors to actionable code. Like a virus the code is replicated and inserting itself into every file it could find.

What to do, what to do? You hire an expert to come in and clean all the malicious code and backdoors, and finally your site is working again. You are happy that everything is back to normal when within the next hour everything reappeared.

The answer to this is simple. A virus spreads and malware can spread as well. It will duplicate itself and hide in directories you never check, or care to look. The file could also be called something that looks like it’s suppose to be there. You would be afraid to remove it not knowing if the consequences would be devastating or not. Scrubbing your database may be your only solution to the problem.

This information I give you for the importance of keeping regular backups of your site and database. If you have multiple sites on a shared host, make sure that all sites are secure to ensure that this does not happen to you.