Anything Goes : Why is it that so many people or machines try to hack my humble website and maybe yours? by Stephen Thor

Stephen Thor

Why is it that so many people or machines try to hack my humble website and maybe yours?

Those of who have websites may know what I mean. In the last few days, my anti-hack program on my site has rejected about 40+ attempts. Normally it is about 1 or 2 a week. It's not like my script involves anything controversial, secret or a threat to anybody or anything like that. It is simply an innocent website. Fortunately I have an excellent no-hack program, so far nobody has been successful. One time 2 years ago my site was either attacked or otherwise spammed or harmed, mostly it seems by machines or folks who attempt to guess my user name. With a correct user name, they could then send a request for the password. Not trying to "plug" the security plug-in, but it is Wordfence on Wordpress administered by Bluehost. I built it myself and there are no ads, popups or whatever on it. It seems that the latest attacks are coming from Vietnam this time around. What do these folks or machines hope to gain? It's not like I have a hot site that a hacker could make a lot of money off of by plugging something. Or is there another motive or purpose? it has been accessed over 100,000 times but only by about 4,000 or so times by real people.

Any guesses or opinions, whether right or wrong, informed or uniformed would be appreciated.

Stephen Thor

Pamela Bolinder

What IS the best commercial anti-hack program?

Stephen Thor

Pamela, for Wordpress sites, which are usually built by their owners, it is without doubt the Wordfence security plug-in. But I cannot say about a commercial site, as mine was non-commercial (not selling anything, not accepting ads or donations, etc.) Crossing my fingers, not once since I added it years ago, has anybody been able to hack the site. Before that, I used to use lifelock, which I found to be basically worthless against brute force hacks. When I called them up, they kind of gave me the old "you can't stop EVERY attack". So I cancelled them. The standard Wordfence, which is the one I use because I am a cheepee, also offers a paid 2-step (phone involved) process for logging onto your site.

Forget to add that the site is only for my screenplay so that is why I ask here. I am not selling anything. But it had been hacked years before this. I don't know how it could have happened! (that is a joke). I merely left the standard/default user name of "admin" on it, which both Wordpress and Wordfence warned about doing as they advise to immediately change that once your site is up. Next thing I knew, on nearly every sentence on my site was hacked in the way that ads would pop up on certain words in the sentence. Being so sharp, I logged on as the administrator as usual and found out that there was another name on the administer check page besides mine! Nobody I knew or authorized. Fortunately, this person or machine had not deleted me as a co-administer yet, so I was able to delete the other name and listed a real user password.. If they really had it going on, they would have immediately deleted ME as an administer.

Once, soon after I joined ebay, possibly the most secure and reliable website in the world (another joke) during a spat of genius thought process, used my user name as also my password. Somehow, and I still can't figure out how they did it (joke), some hacker in China figured it out! He or she IMMEDIATELY locked me out or changed the password, so I could not change it as Ebay at that time had no phone number to call. This person then proceeded to list and sell dozens of $1,400 designer handbags (fake of course) for about $250 using my account, which of course had a USA address and 100% positive feedback score. They sold like hotcakes with several people buying multiples for family and friends! And there was nothing I could do about it, at least not for a week or so before ebay acted on my emails..

Ok, here is the kicker. These bags must have been great fakes because about a dozen of the buyers gave me 5 star feedbacks, they were delighted with them. What you don't know won't hurt you? (this does not include s.t.d. and stuff like that). Not a single person posted "hey, this bag is a counterfeit/fake"!

To get back to it, on a non-commercial, no ad, not asking for any money personal little nobody site, just a little guy site, why do the people or machines do that? I am sorry I cannot say about how they are on commercial sites or pay or ad sites, and I do think that Wordfence is only for Wordpress sites. ??? Somebody else here will be better to advise you on that Pamela I'm sure. But if anybody thinks that Lifelock is the bomb, I am saying that their standard paid service was worthless, at least to me. Your results may vary however.

Stephen Thor

Pamela Bolinder

Thank you.

Other topics in Anything Goes:

register for stage 32 Register / Log In