What are the chances my website gets affected with Malware?

Discussion in 'Security' started by Samm, Jun 2, 2017.

  1. Samm

    Samm New Member

    Hey!
    I apologize if this is a silly question. I have website made as it's now with several years of work. It has a decent amount of visits and engagement as well. I have concern in the wake of recent wannacry malware. I know wannacry targets windwos based PCs, but are there any Malware kind that affects websites and destroys data? I have read an article about Malware and how it's related to DDoS and Brute force attacks ( http://www.storagepipe.com/blog/DDoS-Bitcoin-Brute-Force-Malware/ ). How can I defend against such attacks? Any protective steps to take?
     
  2. phpAddict

    phpAddict Active Member

    With KH you already have DDoS protection using ConfigServer Security & Firewall, you should be getting email alerts telling you when this happens "blocked with too many connections". It does a great job against individual attacks and when there's too much for it to handle KH identifies them and quickly null routes them.

    As for Brute Force protection it depends on your application. For example, WordPress sites are often brute forced using the wp-login.php page or xmlrpc.php page. Since I have so many WordPress sites on my server I just have a mod security script that identifies failed login attempts. You can also use security plugins for WordPress, but I like ModSec taking care of it because it's ready to protect the moment WordPress is installed. Too many in a short time frame and the IP gets blocked from my entire server, not just the one site. If you have custom login pages you can do the same with some coding, either with ModSec or log IPs that fail logins then ignore their login attempts after a certain amount. But regardless, it really comes down to password complexity. If you just have a password as simple as "cheese" even with brute force protection it stands a good chance of being discovered. As that article said, pick strong passwords, random, long, and complex passwords are very unlikely to be brute forced even without brute force protection. I like testing passwords on howsecureismypassword.net to see how long it would take to brute force. But, I NEVER put in passwords I actually use there, just similar ones as you never want to just hand over your passwords even to a "password strength" website. They could store your IP and your password without you knowing.
    cheese gets cracked instantly
    qdPp9xyoEfT,G=R{#z gets cracked in 380 Quadrillion years

    Other than that, there are other reasons why websites get infected. SQL injection is a common cause as well as remote file inclusion. Any time I identify a site as being custom built, I like to test their code but only as a white hat. I've notified multiple admins of issues with their sites. If you'd like yours tested, PM me.
     
    KH-JonathanKW likes this.

Share This Page