We have recently had one of our websites get infected with some malware code. This had the effect that all the pages on the site were being redirected to other pages which would then contain other unwanted content.
As soon as we were made aware of this situation we were able in the first place stop this activity happening then we were able to clean all this unwanted code from the website. This was possible because we take and keep regular backups of all our website files and databases.
In addition to removing the unwanted code we also implemented a couple of changes to help stop this sort of behaviour in the future such as making sure all the user account passwords were changed and implementing 2 factor authentication where necessary. Plus we have ensured that only people who need full administrator accounts have them and where only page editing tasks are required we can reduce the user level which can help mitigate these sorts of attacks in the future.
This all goes to show that even though we do our very best to ensure all our websites are up-to-date and follow the latest secure guidelines these attacks are happening throughout the whole internet constantly and one of the best ways you can help to keep your site secure is with a good password strategy.
So our advice is:
- Keep your passwords secure and complex
- Change them regularly if you can
- Limit access to your website to the activity that user requires.
Read more about Good Password Practice