Website security issues and password managers

CarolineH
Posts: 888
Joined: Thu Sep 29, 2011 5:12 pm
Location: Nr Dinan, Brittany, France

Post by CarolineH »

I have had an alarming weekend. Firstly my website was not available with this message:
[Image]
My site is hosted by webhostingpad (who I have had no problems with in the past). They changed the password to my mail account last week and then sent me a message (to that account!) telling me that they had done it due to a large amount of SPAM being sent from my account.
So I am unaware because I didn't get the email (or any of my customers' emails).
I have raised a support call and they have told me all of this but it has since happened three times more. I guess they have an automatic bot changing passwords when things get a bit iffy.

So - I have changed my passwords to their recommendations (my previous password was already a generated one, so there shouldn't have been any problems there). However, I was using the same password on several accounts.

Two questions:
1. Should I move my website - I'm really not happy about my site showing a message like this
2. Can anybody give me any information about password management sites so that I can have really complicated passwords changing regularly, but kept in a central place?

Many thanks
Caroline
e-richard
Posts: 5008
Joined: Sun Oct 17, 2004 11:33 am
Location: Algarve, Portugal

Post by e-richard »

Caroline,

I know it's little comfort, but this is not an unusual occurrence. There are plenty of scum out there who think it's clever to hack into people's websites and add some malicious code for various unpleasant reasons. Sadly it's common at WordPress sites.

It appears that the malicious code has now been removed, and your site is running fine. You may have to refresh the page at your end.

The key passwords to change are your website login and if you have cPanel login, change that one too.

Others, more expert at WordPress may offer more suggestions, but I know I am always being told to ensure I do keep all updates fresh.

I don't think changing web host is needed, and there are a few password managers to consider. I am trialling LastPass at the moment and it's taking a while to get to grips with it, but I think it's going to be worthwhile.
** Richard
PIMS: Holiday Rental Management system
They say we learn from our mistakes. That makes me a genius !
CarolineH
Posts: 888
Joined: Thu Sep 29, 2011 5:12 pm
Location: Nr Dinan, Brittany, France

Post by CarolineH »

e-richard wrote: I am trialling LastPass at the moment and it's taking a while to get to grips with it, but I think it's going to be worthwhile.
Thanks for that Richard, LastPass is the one that I was looking at, too!

The problem with the website has recurred three times this weekend, so I'm a bit stressed having to check all the time.
bornintheuk
Posts: 538
Joined: Sun Jun 12, 2011 11:18 am
Location: Southern Charente

Post by bornintheuk »

This post covered a website where you can see if your password has been compromised. Maybe worth a look.
viewtopic.php?t=25770&highlight=
What would Plato do ?
greenbarn
Posts: 6146
Joined: Sat May 30, 2009 6:41 pm
Location: The Westmorland Dales, Cumbria

Post by greenbarn »

If it's a Wordpress site, do you have Wordfence installed?
CarolineH
Posts: 888
Joined: Thu Sep 29, 2011 5:12 pm
Location: Nr Dinan, Brittany, France

Post by CarolineH »

greenbarn wrote:If it's a Wordpress site, do you have Wordfence installed?
Thanks, GB, I didn't, but I do now. 8)

The biggest problem is that my main email address has been used to send out over 2500 spam/virus emails during the last couple of days. With the help of the team at webhostingpad, I have put extra security on my email: I already had SPF security but have now enabled DKIM - I'm hoping that this will stabilize the problem.

The admin team automatically suspends accounts where action like this occurs, and I have been locked out of my email 5 times in the last 24 hours!
greenbarn
Posts: 6146
Joined: Sat May 30, 2009 6:41 pm
Location: The Westmorland Dales, Cumbria

Post by greenbarn »

CarolineH wrote:
greenbarn wrote:If it's a Wordpress site, do you have Wordfence installed?
Thanks, GB, I didn't, but I do now. 8)
So now you can look forward to receiving notifications when someone tries to log in to your website (your choice on the notifications you receive) which can be quite an alarming number at times if you're subject to a POST attack.
I have Wordfence set up to immediately block any IP address that attempts a login with incorrect username/password (BTW, if you have "test" as a valid username, delete it - I've seen a lot of attempts using that, second only to the website name); I've also blocked entire countries. Oh, the POWER!! :twisted:
Nemo
Posts: 7062
Joined: Thu Aug 14, 2008 10:15 am
Location: Norfolk

Post by Nemo »

I've had it happen to me once. My site was not hacked, but the attempt meant that I woke in the morning to hundreds of emails (from wordfence) notifying me of the attempt. My host shut my site down without notifying me, so it was only the wordfence emails that alerted me.

I was up and running within 24 hours; I changed the necessary passwords and paid my webguy to check behind scenes that no-one had installed anything they shouldn't on my site. It was a really serious hacking attempt, automated through the night to try hacking it every minute or so.

I use Lastpass, as recommended by my webguy. It's pretty revolutionary to be honest and I can never go back to recording my passwords elsewhere or in code. It's not the easiest system to get to grips with and you will find issues arise, but it's all resolvable. I haven't bothered to pay for the mobile version, I just have the free desktop version and I can use that on a browser on my phone when necessary. It will send me an email when it detects I'm in a different country or a new device etc to allow me to use the service. I just need to change my master password as a result of a request from them. Hard as my master password was the one I can remember 100% of the time. :)
CarolineH
Posts: 888
Joined: Thu Sep 29, 2011 5:12 pm
Location: Nr Dinan, Brittany, France

Post by CarolineH »

Nemo wrote:I've had it happen to me once. My site was not hacked, but the attempt meant that I woke in the morning to hundreds of emails (from wordfence) notifying me of the attempt. My host shut my site down without notifying me, so it was only the wordfence emails that alerted me.

I was up and running within 24 hours; I changed the necessary passwords and paid my webguy to check behind scenes that no-one had installed anything they shouldn't on my site. It was a really serious hacking attempt, automated through the night to try hacking it every minute or so.

I use Lastpass, as recommended by my webguy. It's pretty revolutionary to be honest and I can never go back to recording my passwords elsewhere or in code. It's not the easiest system to get to grips with and you will find issues arise, but it's all resolvable. I haven't bothered to pay for the mobile version, I just have the free desktop version and I can use that on a browser on my phone when necessary. It will send me an email when it detects I'm in a different country or a new device etc to allow me to use the service. I just need to change my master password as a result of a request from them. Hard as my master password was the one I can remember 100% of the time. :)
Exactly what happened to me, Debbie. Yes, all is fixed now, but am still fighting and deleting the massive amount of "return to sender" emails that are coming through - they have subsided a bit this morning.

I have got lastpass installed, but as you say, still getting to grips with it. It is complicated when you have multiple, similar looking sites : for example, I have three gmail accounts, which it gets confused about. But I'm sure that with a little patience, I'll get to grips with it.

Why do these things always happen at the end of the season when I'm shattered, but still have to keep going .... :cry:
Nemo
Posts: 7062
Joined: Thu Aug 14, 2008 10:15 am
Location: Norfolk

Post by Nemo »

S*** law that's why. :wink: Hang in there. Getting to grips with lastpass is not a quick affair, it will become easier, but I'm still adding sites as I go, as some you find you don't need to use very often. Eventually I hope it will hold the log ins for all the sites I need. I use the notes section too for useful reminders or other pin numbers or passwords that may be needed such as my bank. It remembers my online log in for example but I have a telephone security number too, so that is written in the notes.
la vache!
Posts: 11065
Joined: Wed Feb 16, 2005 7:22 pm

Post by la vache! »

Is anyone else having issues with Wordfence? It is going over and above duties as it is preventing me from accessing my WP sites as well as unauthorised users. I've had to disable it in order to update my websites.