Let’s get this straight from the beginning: this isn’t a typical Randombyte blog post. Today, I’m not going to talk about online marketing, but about poor website hosting companies, hackers, and what you can do to spot them.
Here at Randombyte, we run several online businesses in parallel. We do SEO and Online Reputation Management, we have built a unique rank tracking system, and more. To avoid putting all our eggs in one basket, we use several hosting accounts provided by different web hosting companies.
Some of these companies are excellent—we haven’t had any incidents with them for years! Unfortunately, others are quite poor, with a lot of downtime and relaxed security measures that practically open doors to hackers.
Terrible Hosting Account Security Details
When was the last time you heard of a web hosting company that limits your FTP account passwords to 12 characters and doesn’t allow special characters like # or &? I won’t mention the company’s name here, but if you’re using it, you know exactly what I’m talking about.
You might think that a 12-character password is long enough, but trust me—a cloud-based brute force attack could crack it in minutes. This means that no matter what you do to keep your site secure, the entire folder containing it can be easily exposed.
This hosting company has frequent downtime problems and fails to keep hackers at bay. I knew about the downtime because a particular site was down every now and then, but I didn’t realize my accounts could be easily hacked. Imagine my surprise when a simple Google search revealed this image of my website a few weeks ago:
As you can imagine, I contacted the hosting company right away. They did their best to fix the problem in about 12 hours, and I thought my worries were over. But no, they weren’t. A second account was hacked a few days later, even though I had changed all the passwords for all the accounts after the first incident. And no, my computer wasn’t infected with a virus.
Was Your Website Hacked as well?
I don’t want to scare you, but a Google search using a few words from the description tag of my hacked website returns over 90,000 results; I really hope your site wasn’t attacked as well.
It goes without saying that frequent website downtime and successful hacker attacks will seriously affect your search engine rankings.
Randombyte’s Free Downtime and Hacker Checker
So what did I do to prevent these issues from happening repeatedly? First, I moved the sites associated with those hosting accounts to a different hosting company. Then, I built the URL Checker tool and decided to give it away to everyone, in an effort to prevent these problems for others.
It’s a Windows application, but it runs fine on Mac, Linux, and other operating systems through an emulator. Just do a Google search for “run Windows on Mac,” and you’ll find several good solutions. For instance, I have a MacBook Pro, and all my Windows applications (including this one) run great on it through Boot Camp.
URL Checker: a Quick Guide
1. Download the program from here, and unzip it.
2. Double-click the sites.txt file, and add all the sites you plan to monitor, using a separate line for each site. You can safely remove the existing websites.
3. Run UrlChecker.exe, and you’ll see the main program window.
4. Use File -> Open URLs or the button beside the “URLs file” field to open your sites.txt file, and press “Start.” The program will check each URL and tell you if it’s offline or hacked.
The hacking discovery mechanism uses two different methods: a bad keywords list defined by you and a website page size check. Use the bad keywords list check each time, unless your sites use those keywords. The website page size check should only be used if your sites are HTML-based, static web properties.
WARNING: If your sites are dynamic (think WordPress, etc.) and you use “Check page size,” you will get “hacked” messages even if your sites are clean, because the pages are generated dynamically, so their sizes can change. However, if your sites are 100% static, use the “Save” button to save the current page size at the end of the first program run; this way, you’ll know if the page size changes in the future. Remember to choose “Check page size” only for static HTML websites.
The program folder includes a starter badkeywords.txt file. Open the application folder and double-click badkeywords.txt to open it. Add or remove bad words, ensuring each new word is on a separate line.
If you get stuck, you can always read the built-in manual by accessing the “Help” menu. I hope you find this tool useful; I know I do, because I use it regularly. And by the way, URL Checker is 100% free and doesn’t contain any malware or viruses.
