The virus is a software product and it does not get to the site by air. The virus is brought to the site after the hacking or the owner (administrator) of the site enters a virus with extensions and system templates. Lets consider the 6 main points of “entry” of viruses on the site.
1. Hacking server hosting provider
Any service hosting provider is, in fact, a large computer that is also exposed to attacks and infections. Unfortunately, if your sites are located on a service that has been or is being attacked, you can react to this situation only sequentially, that is, to eliminate the consequences of hacking or attacking.
Protection against hacking of the hosting provider’s service can only be preventative.
Choosing a hosting provider, choose only trusted and top-end services. Note whether the hosting provider is using its data center or rents it. In a reviews of the hosting provider pay attention to the statistics of its downtime and unavailability of sites.
The “defenders” of sites have the first “golden” rule: for each domain (site), you need to create a separate user account. It practically doesn’t work out for Shared Hosting (hosting, where under the same account, you are allowed to create 2-20 sites), but it is quite feasible on VDS-servers. Such separation of sites by accounts, isolates sites from each other and when one site is infected, excludes a similar infection of other sites of the account.
2. Hacking the site through “holes”, the vulnerability of CMS
Any content management system (CMS) eventually becomes vulnerable. Not an exception and CMS Joomla. That is why it’s important for Joomla Security to monitor the system updates and periodically update it with new security releases.
3. Hacking CMS Joomla
Methods hacking CMS are as follows:
– Hacking Web site and download shells and backdoors through various forms of downloads: photos, media files, and other files;
– Introduction of malicious code through spam mailing or through SQL injection;
– Theft of site administrator data (SQL injections, XSS attacks, bruteforce);
– Website infection through third-party extensions and templates;
– Downloading extensions and templates from blogs and Webmasters’ sites, even the most famous ones, is the direct way to possible infection of the site. Sometimes, such a chain-loading extension, from user to user, leads to massive infection;
– Not recommended and all kinds of “torrent” trackers, offering a free download of a paid extension or template.
4. Hacking the Joomla site with a brute force attack
Bruteforce attack is the selection of the name and password of the site administrator. This loophole is closed by complex administrator passwords and changing the administrator’s name from the “admin” to another one.
5. Website hijacking FTP interception
Working with the site impossible to manage without access to an FTP site directory. FTP protocol is quite accessible and it would be strange if the attackers did not try to use this loophole. To protect yourself from this loophole, you need to use the SFTP protocol, create a separate FTP account for each site and not to store passwords in the FTP client.
6. Unprofessionalism of hired freelancers
If you do not deal with the site by yourself and hire freelancers to change design or other work, it is possible a virus code infection.