Detecting hacks to your website
Many hacks are obvious - your site content visibly changes or your browser now reports the site is serving malware! Your customers, friends and webhost will be complaining very quickly.
But perhaps the worst hacks are the ones that do not advertise themselves and become part of your Website without you noticing any significant change. This second type of hack is probably more common than the first! These hacks can live for months or years before being detected and in the meantime the hackers have stripped out credit card information and personal data or have been using the site to channel malware and spam, manage a bot network or take part in DDOS attacks.
What ever type of hack afflicts your site it is can be obvious what is happeneing but unless you have the right tools it is very, very, difficult to know how it happened and how to put it right. It can take days or even weeks to rebuild a site back to what it was.
There is a solution to this problem. A powerful tool that system administrators use to track malicious or unplanned changes can be applied to websites too. It is a file integrity checker or file integrity monitor. Basically, a program to look at your file system and then report any changes back to you. This is something that is done manually but the best protection comes from running it automatically at regular intervals like a security patrol guard hunting out changes for you and then proactively notifying you by email or other means. This is exactly what SSIM (Simple Site Integrity Manager) does.
Programs like SSIM are critical for detecting and recovering from this type of breach.
SSIM is useful for detecting changes made maliciously by hackers or for
confirming changes made by you or other editors of your website. Its purpose is to scan the files and directories of your website looking for changes. If SSIM finds anything that has been modified, added or deleted it will produce a report telling you exactly what has happened.
- Easy to use web interface - even access from your mobile phone
- Email reports to your mailing list - everyone who needs to know can react.
- Critical file backup - damaged files can be recovered
- A colour coded difference report is generated for critical files. Quickly identify the changes
- Secure login - even from cafe hotspots
- Every install unique - hackers can't script attacks against it
- File and directory filters - to tune your monitoring
- No database required
- Prepackaged 5 minute installation
With its automation and detailed reporting SSIM gives you timely actionable data that documents changes you make to your site or information you need to recover from an attack. Very flexible with audit and management user roles and passwords, file filters and mail control.