It can happen for a number of reasons but it’s usually due to either insecure themes or plugins which use code that was poorly written and/or code that has not been maintained or updated. The key point to this is to make sure that the themes and plugins you use are actually supported. I actually prefer plugins that are “for pay” and maintained.
I also make sure to maintain incremental backups every 6 hours, daily, weekly and monthly for up to 6 months.
Anyhow for the last several months we’ve been dealing on and off with a link hacker. At times he’s taken down a site and we’ve restored a backup. None of the scans showed the exploits he was using and the logs didn’t provide the information that we needed to identify him or the exploit. (This one was actually built into the theme a hosting client was using.)
Anyhow, yesterday during a routine check I noticed that some link pages were up on this site again. So I made some changes to the files and killed them. A few minutes later they were back and this continued for about 30-45 minutes where to my surprise the hacker started to engage me in conversation in the .htaccess file.
Curious and not sure if this was part of a more elaborate script I decided to respond back. And then the fun began.
I did this to bait him for two reasons: 1) I was trying to get him to open up and identify himself which I knew wasn’t likely, and 2) I was trying to get him to communicate enough so that we could monitor the log files and figure out which IP(s) were him. We were actually able to find 5 different IPs that he was cycling through trying to be stealth – of course, all using proxy’s.
#do not make me angry #why? #I do not want to harm your site,but if you do not calm down… #I’m very calm and I like to play… #I like you dude #Then why are you fucking with my friends? #you’re gay? lol #tell my wife… my life might be easier. #how old are you?. #I don’t understand?
#I’m 43 – how old are you? – This is actually kind of fun… #I’m 32 – This is actually kind of fun and for me… #:) I used to do what you do – but long before the internet. #No, but do it before the internet was impossible #I started in 1981 with a Commodore 64 – right before you were born…. #I have to leave right now,I was very glad to talk with you… #Do you have to go to work now? – Curious if the links pay well? #this is my job – not bad #cool – curious if I can hire you for some security work some time? I do this site for a friend so I don’t get paid to help them. But I have other paying clients. #talk to you later,in an hour. #OK #I’m here #I see… #how much you earn per month? #probably much less than you. #my job is profitable but very nervous,not all such nice people like you…) #Is it often that you engage people in the .htaccess file? Curious how often they write back… #you are the only one who answered…) #At first I was curious if it was part of a script – so when you answered back I figured why not? How long have you been in this line of work? #4 years #Cool… The proxy you are using has a reverse IP from Turkey. I’m in California. Figured you were in Turkey or France. #if you have good websites they can earn good… #so where do we go from here? #in sense? #I don’t know. For my friends I need to secure their site. At the same time you may have some knowledge that could be valuable to me and others so I’m wondering if I could hire you from time to time to try to hack sites and let me know if they are easily exploitable. #I myself did not break anything, I buy from other compromised sites #but if you have a server where the good sites that we could cooperate. #I’d love to say yes and make more money but my friends would probably not want to do it. And the outbound links cost them SEO value as well. #these actions do not harm the sites, and I have stamped links to these sites that affects good for seo. #but they show up on site:[website].com and it makes them look like they are selling drugs #it sees only those who need drugs – and site admin…) #I can’t do it. Are you available to try to hack sites for a fee? Hey – are you Czech? #I wrote that I did not hacked sites I buy from those who hacks – No. #Oh, I see. What kind of CPMs do you usually get? I do have some other sites #they pay me% of the purchases,if you have a good site, you can earn a month 500-1000 $ #OK you can email me at [email address] – but for this site I need to clean it up. I’m sorry man. I don’t own it and they don’t want the ads or spam emails sent. ;( #do not do it. #I have to… I’ve enjoyed chatting. Feel free to email me. I’m locking you out now. Goodbye.
After identifying his IP addresses we were able to crawl through the log files and see all of the files that he touched – even going back to March. We deleted and all non-critical material and then proceeded with fresh installs of everything.
Now it’s only been ½ a day since the event and we’ve seen him continue to attempt to infiltrate the site – but so far he’s been unsuccessful. Even better, because we are monitoring his IP’s we are watching to see everything that he’s trying so that we can test his methods against all of our client sites.
Anyhow, the best part of RinkTime vs. a lot of the other sites who report traffic, browser and OS numbers is that it’s audience really is middle-American families – and I think it demonstrates a pretty good cross spectrum of users – unlike a lot of sites who cater to a technical or business crowd.
So, here’s what we’ve got.
Starting with 2006
Microsoft Windows OS Dominance with a 94.48% visitor-share… Apple/Mac had just 5% of the visits and Linux a measly 0.18%.
2007 & 2008
Also notice that PalmOS which registered 0.02% in 2007 and 0.05% in 2008 has disappeared. Blackberry which didn’t register until 2009 with 0.16% grew to 0.59% this year.
But the BIG movers are the iPhone/iPod (and soon to register iPad) devices…
In 2007, the iPhone registered just 0.07% of our visitors. That grew to 0.62% in 2008 turning it into our 3rd most popular OS behind Microsoft and Apple in 2008.
2009 – The Year of Mobile
2009 was truly the Year of Mobile though in the US with the iPhone growing to 1.77% of our visitors and iPod growing to 0.53%. 2009 was also the year that Android debuted with 0.40% visitor-share.
2010 in Summary
This year to date, January 1, 2010 through June 5, 2010 it looks like this…
Microsoft is still in the dominant position with 82.23%, but has taken a huge hit with Apple growing to over 10%. And when you combine Apple OS, iPhone, iPad and iPod Touch, Apple owns over 14%. And Linux even being considered an “experts” OS (simplified) has doubled in use. (Most may not consider it being worth mention however I think that’s an important stat.)
Android is making gains on the iPhone visitor-share with a 1.33% share – iPhone usage has grown to a 3.07% share.
Trends – January vs. May, 2010
Finally, lets look at January, 2010 vs. May, 2010 for a picture of today which we can use to establish a trend for mobile and Android‘s rapid growth due to Verizon’s adoption of the Android OS as well as the other carriers.
The iPhone during the 1/2010 to 5/2010 still grew from 2.87% of our visitors to 3.16% (+0.29%) but the Android use grew from 0.99% to 1.79% (+0.8%). It’s all pretty interesting – but the bottom line is that when we build websites, we must be aware of the growth in activity of mobile – and design for these devices as well as the standard and ever changing OS environments.
In my next post, I’ll let you in on something big – the future of search….The ultimate measure that any and all search engines will use as a basis for who ranks for what…
I was just looking out my window and saw some bugs flying around – possibly termites.
You see, here in Southern California it’s been warm – even hot the last couple of weeks. Right now it’s about 74 and the sun is coming out through the overcast askies.
But, these winged beasts made me think of an application that we developed for one of the nations leading pet control companies – One you’ve certainly heard of – a household name.
This company had a past-client and prospect database of many million – I’d write it but it’s now out of date and I also don’t want to get into trouble with the client – we did this back in 1999 – but the lesson which can be taken away from this still rings true today. (Ah who cares… Swarm Map – this can only help them right?)
So, when the call center would receive the right number of calls reporting termites, it would activate the location on the map and simultaneously notify the clients and prospects via email and direct mail that termites were in their area. Its brilliant marketing if I don’t say so myself. This causes people to wonder, call for a free inspection and allows for up sell opportunities.
I’ve heard of home and business burglar alarm companies doing the same thing. These companies subscribe to the reports of crimes in an area, then reference the crime and blanket market these areas for their services – while that pain and fear is still fresh.
So, how can you use a similar technology or marketing technique for what you do?
When you hit a home run or you see one of your competitors hit one, are you calling on related prospects to sell them on the concept or a twist of the concept – an improved concept? Because I’d be willing to bet that the original service provider can’t compete and also didn’t think of the best most impactful way of doing it.