Tuesday, March 01, 2011

Business Scare... Linked to PORN site!!!

Yes, this is a must read for anyone using the Internet for casual use OR conducting business on the Internet. Most businesses would probably never post this info, but after today, I believe it is imperative to guard yourself and your company against the many malicious cyber-crimes and security spy ware programs out to sabotage your company's goodwill and identity.

GoPlanetEarth has a great number of security measures in place to protect our customer information. In fact, we spend a great deal of $$$ each year doing just that... protecting your information. As of today, I can report that we have done that with 100% success. After this incident, I realize that we need to implement other security measures concerning our web site FTP measures. Here's what happened and I'm sharing this because I believe other business owners could be in jeopardy as well.

This afternoon, I updated some of our web pages to reflect changes. I signed onto our FTP server as usual (which we have been using with NO issues for over 8 years). I uploaded our pages and asked that someone preview those pages to ensure all was well. All was not well. I had lost all CSS style menus which meant customers could not navigate our site. Bad News!!!! But, that was only the beginning.

Upon reloading our web site page in the browser, I immediately noted that there were other unknown web sites being scanned (in a VERY rapid succession) in the very right corner of the IE browser. This was a definite alert that something was amiss. I was able to write down just one of the web sites (which I will not name due to its content). A visit to this site was shocking!!!! Yes, absolutely shocking considering we are a family valued soap making company. It was a porn site. Our web site had been hacked via a FTP program and was being redirected to this site. HELP<> ME JESUS was all I could utter.

I apologize for the lengthy post, but believe it is warranted. Thankfully, I have an HTML progamming background and a history of web site development. I felt like Sherlock Holmes as I tried to determine the line of attack. I signed onto our FTP program since that is where the issue first began. Sure enough, I found a .htpaccess file that was recently accessed. I know most won't know what this is, but basically, someone....some hacker program had rewritten this file to redirect to their porn site.

I took the corrective actions (thank you, Jesus, for your wisdom and guidance on that one...and understanding of the .htpaccess files). I deleted the file and uploaded the correct file. WOW!!!! What a scare and what a lesson about FTP security. For those of you who think you are immune, think again. GoPlanet has taken extreme measures to secure every aspect of our web site's FTP services. I hope you do the same.

5 comments:

theVEROblog said...

oh no! sorry you had to deal with that!

Denise said...

@theVeroBlog, thank you! A soap making business should not have to encounter such issues. Sadly, in this age, no one is immume. :((

Sailor Mouth Soaps said...

What a shock! I can't believe how cheeky hackers can be, glad you fixed it in time, thanks Denise!

daisydilly (vicki) said...

Thank goodness you caught it quickly!! I wouldn't even begin to know how to deal with such issues and thats why I'll just sell my soaps via good old fashion mouth!! I went looking for paper dolls one time and you can only guess what I got!! (lol) Again glad all turned out well for you.

Denise said...

Yes, Vicki. Very lucky it was noted early. Just another reminder how vigilant we all need to be when operating a business via Internet. Thank goodness, we have many safety guards in place and have an awesome IT team as well. Protecting not only our data but our customer's data is of utmost importance to us.