Skip Navigation LinksBlog

Share |
Go Back
  • BEWARE - FTP Hacking

    Be aware... recently we have noticed a rise in FTP hacking, successful brute force security hacks.  A number of sites, unfortunately the Nomis site as well as client sites and I imagine many others, were comprimised.

    FTP hacking, brute force security hacking, is where a hacker manages to guess your password and then obtain access to the raw files of your website: it conjures up images of a person tapping in "12345", then "54321", then "23456" etc., like in the movies, in fact it is a lot more sophisticated and can lead to problems such as Google blocking your site and advising visitors that the site contains malicious content - not very good PR. 

    The examples of FTP hacking that we have seen in pages show a line(s) of script that has been added to the html code which forwards the user onto another site or downloads malicious programmes.

    Ways to try and reduce the risk of FTP hacking:

    • Make your password as hard as possible to guess
      • Firstly check with your hosting company as to their password policy but where possible include the following:
        • Numbers
        • Letters
        • Symbols
        • Vary the case of letters -  use both uppercase and lowercase
    • If you do not need your FTP service, turn it off
      • Only have it turned on when you actually need it.

    Full story

    Comments (0)