Ahhh, HELP my server got hacked from an insecure web form! Part 1

by
Robert Kennedy

Your worst nightmare…you wake up... get your morning coffee and power up your online empire and it's been deactivated.

The first thing I like to do is download all email. While email is downloading I log into my CMS panel to see how biz is doing! Hmmm, can’t connect to server?

Refresh…another refresh, ctrl key down refresh, NOTHING?!

OK my server must be down, I’m gonna restart it. Before that I toggle back to my downloading email and find an urgent message with the subject reading “3rd level admin DISABLED FOLDER”

Great! I'm Busted for Sending Spam I Didn't Even Send, WHAT NEXT?

Seriously bummed out I contact my host to be advised a web form on one of my sites was compromised and used to send out spam originating in China.

Because I have use dedicated, unmanaged servers the cause (blame) is solely mine! How long has this been going on? I had no idea!! Well the truthful answers would soon become blatantly obvious.

Hackers Hacked my Form, WHAT DOES THIS MEAN??

If you are entirely unaware of the potential vulnerabilities of your web forms this can be going on in front of your very eyes for days, weeks or months without your knowledge!! While the recipients of your unwanted spam trash do the right thing and report you to authorities causing your IP address to get blacklisted. The more reports filed the faster this propagates throughout the authorities. Every spam report filed requires evidence. In this case your email IP address is found in the header of every email sent from your server. Once this happens OH OH:

• Search Rankings disappear
• Your email addresses become blocked by many ISPs
• Your name is basically Mud
• You are labeled as a spammer
• You are blacklisted

Wait a minute here, I am an entrepreneur with a family and rely entirely on my online business activities to pay the bills. When this happened to me the result was all of the above. My online network that I had worked so hard on developing since 1998 came crumbling down.

Like any online marketer I quickly learned how it happened and what can be done to ensure this doesn’t happen again.

What is the best Solution for web form security?

I asked my tech team to investigate this and come up with the best solution, NOW PLEASE!

OK, so we discover there are many tools used by these evil doers!! Tools (weapons) such as:

• Form scripts
• Email hacking
• Web form generators
• Hacking programs
• Web form template hackers
• Web form processing hackers
• Html form hacking
• Script form hacks
• Hacking mail programs
• Asp form hacks
• Form email hackers
• Hacking credit accounts
• Form javascript hacks
• Form database hacking
• Form submit hacks
• Hacking tools

OH Ya!! We found the best way to protect ourselves from this garbage!!

A Simple Way to Guard your website that doesn't cost a dime

Firstly, the easy method to combat this is just avoid file naming typically associated with forms. File naming such as “contact.htm” or “email”. Any of your supporting scripts should also avoid typical naming logic. Many of the automatic programs used for this will locate your forms by logical naming then attack. So you may want to start by renaming your current “contactus.htm” form to something like “132-touchbase-321.htm”

An easy, cost free way to protect your email addresses from being harvested

One of the most basic rules is don’t display your email addresses on your site. Display an email address has certain targeted characters such as “mailto” or “@” combined with “.” When these characters are displayed it becomes a feeding frenzy for email spam address harvesting.

How can my Customers Get in touch with me if I don't Publish my Email address?

What Long Term Preventative Action I took Against Insecure Servers!

After my technical team researched the finest, affordable suctions for on-page insecurities one name kept coming up UltimateFormmail (UFM). Here are some of the bells and whistles that I found very useful: