Home > Ftp Security
ftp security

FTP Security

Enuring your site doesn't get hijacked

The Threat

So what are the threats that are out there? Malware and viruses are continually being developed to try and exploit inexperienced users and also any weakness within Operating systems and commonly used programs. A common malware / virus that is infecting a lot of web sites is the JSRedir-R or gumblar virus. This virus redirects you from the page you thought you were visiting and takes you to a site that then attempts to download nasty code onto your computer.

Once downloaded this virus does a lot of bad things, but the one we are concerned with here, is that it "sniffs" out or looks in common places for usernames and passwords. It is particularly interested in FTP details, as using this information it can infect a web site that may go on to infect hundreds if not thousands of other users.

Consequences of becoming infected

The importance of keeping your ftp username and password secure cannot be overstated. If someone who has your ftp details (such as a web designer or employee) becomes infected with the Gumblar virus, it is highly likely that your web site will also become infected. What this means in real terms, is that your web site will infect the computers of your customers and others who visit it. Eventually Google will figure this out and they will then list your site as one which is spreading malware. The main web browsers all keep track of this list and if you browse to one of these sites, the browser will alert you with a large red warning saying "Are you sure you wish to continue, this site is known to spread malicious software." as you can imagine this is not something you want potential customers to see. Even after you have cleaned up the site, it can be a number of weeks before Google comes back and sees that you are no longer distributing malicious software.

How to keep your ftp username and password secure

There are two main steps.

  • Step 1

    Secure your pc. The first port of call is to stop the virus from being able to download onto your pc in the first place, or if it is downloaded, that it is immediately identified and killed. The best way to achieve this is to get a good anti virus program. We recommend and also use Eset Nod32 while this is not the only anti virus which will protect you, it is the one that we feel is the best

  • Step 2

    Secure your passwords. Many ftp clients store your username and password in plain text. This is known to the creators of the virus, this means that once the virus starts running on your pc, it looks through your directories for files containing usernames and passwords. Once they have been found they are used to upload the same code that infected your pc to your web sites, so that visitors to your sites also become infected. You can prevent your passwords and usernames from being used if you store them in an encrypted format. This means not storing your passwords within your ftp client. Instead we recommend using a tool such as key pass password safe

Need Help? - Call us now on 1890 987000 Free Domain Search & Register Domain name registration
Home | Hosting | Blog | Domain Names | Demo | Affiliates / Resellers | Resource Management | About Us | Contact Us | UK Web Hosting
| © 2012 HostingIreland |
windows logophp logoMySQL logoasp logoperl logodot net logohelm logoxen logohyper V logoapache logoNod 32 logocomodo logo dell logohotline logoispai logo