- 1,432
I've had several sites hacked.
The first time, it was my coding. I had my mySQL password in the wrong place.
After that, however, all of the hacking was done through WP or vBulletin forum software (the same software used for this site). Unfortunately WP and vBulletin are so popular that a lot of really smart people spend a lot of time figuring out how to hack the code.
It sucks, but you have to keep working to stay one step ahead of hackers. The truth is that if a hacker wants to get in badly enough and the hacker is good enough, the hacker will succeed. That being said, you don't want your site to be low hanging fruit.
BTW, The tip from scagnt83 about not using "admin" is a good one. I "got got" once that way. If they know the user name, they can use a "dictionary attack" to find the password. Easy peasy for a hacker.
I'm not sure what the long term solution is, but I'll be paying attention to this thread.
The first time, it was my coding. I had my mySQL password in the wrong place.
After that, however, all of the hacking was done through WP or vBulletin forum software (the same software used for this site). Unfortunately WP and vBulletin are so popular that a lot of really smart people spend a lot of time figuring out how to hack the code.
It sucks, but you have to keep working to stay one step ahead of hackers. The truth is that if a hacker wants to get in badly enough and the hacker is good enough, the hacker will succeed. That being said, you don't want your site to be low hanging fruit.
BTW, The tip from scagnt83 about not using "admin" is a good one. I "got got" once that way. If they know the user name, they can use a "dictionary attack" to find the password. Easy peasy for a hacker.
I'm not sure what the long term solution is, but I'll be paying attention to this thread.
