Lay My Hat Forum
The forum for holiday rental owners

Website security issues and password managers

 
CarolineH



Joined: 29 Sep 2011
Posts: 888
Location: Nr Dinan, Brittany, France

Posted: Tue Sep 06, 2016 7:56 am

I have had an alarming weekend. Firstly my website was not available with this message:

My site is hosted by webhostingpad (who I have had no problems with in the past). They changed the password to my mail account last week and then sent me a message (to that account!) telling me that they had done it due to a large amount of SPAM being sent from my account.
So I am unaware because I didn't get the email (or any of my customers' emails).
I have raised a support call and they have told me all of this but it has since happened three times more. I guess they have an automatic bot changing passwords when things get a bit iffy.

So - I have changed my passwords to their recommendations (my previous password was already a generated one, so there shouldn't have been any problems there). However, I was using the same password on several accounts.

Two questions:
1. Should I move my website - I'm really not happy about my site showing a message like this
2. Can anybody give me any information about password management sites so that I can have really complicated passwords changing regularly, but kept in a central place?

Many thanks
Caroline
e-richard



Joined: 17 Oct 2004
Posts: 4963
Location: Algarve, Portugal

Posted: Tue Sep 06, 2016 8:14 am

Caroline,

I know it's little comfort, but this is not an unusual occurrence. There are plenty of scum out there who think it's clever to hack into people's websites and add some malicious code for various unpleasant reasons. Sadly it's common at WordPress sites.

It appears that the malicious code has now been removed, and your site is running fine. You may have to refresh the page at your end.

The key passwords to change are your website login and if you have cPanel login, change that one too.

Others, more expert at WordPress, may offer more suggestions, but I know I am always being told to ensure I do keep all updates fresh.

I don't think changing web host is needed, and there are a few password managers to consider. I am trialling LastPass at the moment and it's taking a while to get to grips with it, but I think it's going to be worthwhile.
_________________
** Richard
PIMS: Holiday Rental Management system
They say we learn from our mistakes. That makes me a genius !
CarolineH



Joined: 29 Sep 2011
Posts: 888
Location: Nr Dinan, Brittany, France

Posted: Tue Sep 06, 2016 8:30 am

e-richard wrote:
I am trialling LastPass at the moment and it's taking a while to get to grips with it, but I think it's going to be worthwhile.


Thanks for that Richard, LastPass is the one that I was looking at, too!

The problem with the website has recurred three times this weekend, so I'm a bit stressed having to check all the time.
bornintheuk



Joined: 12 Jun 2011
Posts: 454
Location: Southern Charente

Posted: Tue Sep 06, 2016 9:28 am

This post covered a website where you can see if your password has been compromised. Maybe worth a look.
http://www.laymyhat.com/forum/viewtopic.php?t=25770&highlight=
_________________
What would Plato do ?
greenbarn



Joined: 30 May 2009
Posts: 6007
Location: The Westmorland Dales, Cumbria

Posted: Tue Sep 06, 2016 10:24 am

If it's a Wordpress site, do you have Wordfence installed?
_________________
Our Facebook page
CarolineH



Joined: 29 Sep 2011
Posts: 888
Location: Nr Dinan, Brittany, France

Posted: Tue Sep 06, 2016 1:38 pm

greenbarn wrote:
If it's a Wordpress site, do you have Wordfence installed?


Thanks, GB, I didn't, but I do now.

The biggest problem is that my main email address has been used to send out over 2500 spam/virus emails during the last couple of days. With the help of the team at webhostingpad, I have put extra security on my email: I already had SPF security but have now enabled DKIM - I'm hoping that this will stabilize the problem.

The admin team automatically suspends accounts where action like this occurs, and I have been locked out of my email 5 times in the last 24 hours!
greenbarn



Joined: 30 May 2009
Posts: 6007
Location: The Westmorland Dales, Cumbria

Posted: Tue Sep 06, 2016 4:26 pm

CarolineH wrote:
greenbarn wrote:
If it's a Wordpress site, do you have Wordfence installed?


Thanks, GB, I didn't, but I do now.


So now you can look forward to receiving notifications when someone tries to log in to your website (your choice on the notifications you receive) which can be quite an alarming number at times if you're subject to a POST attack.
I have Wordfence set up to immediately block any IP address that attempts a login with incorrect username/password (BTW, if you have "test" as a valid username, delete it - I've seen a lot of attempts using that, second only to the website name); I've also blocked entire countries. Oh, the POWER!!
_________________
Our Facebook page
Nemo



Joined: 14 Aug 2008
Posts: 7033
Location: Norfolk

Posted: Wed Sep 07, 2016 10:21 am

I've had it happen to me once. My site was not hacked, but the attempt meant that I woke in the morning to hundreds of emails (from wordfence) notifying me of the attempt. My host shut my site down without notifying me, so it was only the wordfence emails that alerted me.

I was up and running within 24 hours; I changed the necessary passwords and paid my webguy to check behind scenes that no-one had installed anything they shouldn't on my site. It was a really serious hacking attempt, automated through the night to try hacking it every minute or so.

I use Lastpass, as recommended by my webguy. It's pretty revolutionary to be honest and I can never go back to recording my passwords elsewhere or in code. It's not the easiest system to get to grips with and you will find issues arise, but it's all resolvable. I haven't bothered to pay for the mobile version, I just have the free desktop version and I can use that on a browser on my phone when necessary. It will send me an email when it detects I'm in a different country or a new device etc to allow me to use the service. I just need to change my master password as a result of a request from them. Hard as my master password was the one I can remember 100% of the time.
CarolineH



Joined: 29 Sep 2011
Posts: 888
Location: Nr Dinan, Brittany, France

Posted: Thu Sep 08, 2016 8:57 am

Nemo wrote:
I've had it happen to me once. My site was not hacked, but the attempt meant that I woke in the morning to hundreds of emails (from wordfence) notifying me of the attempt. My host shut my site down without notifying me, so it was only the wordfence emails that alerted me.

I was up and running within 24 hours; I changed the necessary passwords and paid my webguy to check behind scenes that no-one had installed anything they shouldn't on my site. It was a really serious hacking attempt, automated through the night to try hacking it every minute or so.

I use Lastpass, as recommended by my webguy. It's pretty revolutionary to be honest and I can never go back to recording my passwords elsewhere or in code. It's not the easiest system to get to grips with and you will find issues arise, but it's all resolvable. I haven't bothered to pay for the mobile version, I just have the free desktop version and I can use that on a browser on my phone when necessary. It will send me an email when it detects I'm in a different country or a new device etc to allow me to use the service. I just need to change my master password as a result of a request from them. Hard as my master password was the one I can remember 100% of the time.


Exactly what happened to me, Debbie. Yes, all is fixed now, but am still fighting and deleting the massive amount of "return to sender" emails that are coming through - they have subsided a bit this morning.

I have got lastpass installed, but as you say, still getting to grips with it. It is complicated when you have multiple, similar looking sites: for example, I have three gmail accounts, which it gets confused about. But I'm sure that with a little patience, I'll get to grips with it.

Why do these things always happen at the end of the season when I'm shattered, but still have to keep going ....
Nemo



Joined: 14 Aug 2008
Posts: 7033
Location: Norfolk

Posted: Thu Sep 08, 2016 10:05 am

S*** law that's why. Hang in there. Getting to grips with lastpass is not a quick affair, it will become easier, but I'm still adding sites as I go, as some you find you don't need to use very often. Eventually I hope it will hold the log ins for all the sites I need. I use the notes section too for useful reminders or other pin numbers or passwords that may be needed such as my bank. It remembers my online log in for example but I have a telephone security number too, so that is written in the notes.
la vache!



Joined: 16 Feb 2005
Posts: 11068

Posted: Thu Aug 10, 2017 3:15 pm

Is anyone else having issues with Wordfence? It is going over and above duties as it is preventing me from accessing my WP sites as well as unauthorised users. I've had to disable it in order to update my websites.