Recently, our Development Team at Laser Red responded to a query from a client about an attempt by someone to gain unauthorised access to one of their websites. Thankfully no harm was done but it did open up a conversation regarding attacks on “website real-estate”.
Website security is something we take very seriously, and we know that no website is 100% safe from attack.
What is a Security Attack?
Your website, like every other site around the world, is constantly being probed, bombarded and checked for any weaknesses; this is simply a factor of being online. It’s the reason we carry out website security checks every month on our clients’ sites.
How do we prevent this from happening in the future?
If we showed you the raw access logs of your website (which registers all of the web requests made), or any other website we had the logs for, you’d see that it’s always under attack. All of the time – 24/7.
Just like when you drive up the motorway, your windscreen’s getting hit by insects at 70mph; your website being live and public means that it is always being checked by bots and other agents to see if there are weaknesses and to try to get into it. The only way to prevent every attack possible is to pull the plug out.
So, there’s nothing we can do?
Not at all – there are definitely things we can do to reduce the risk to your website security.
The risk is mitigated (though never eliminated) by using tools such as firewalls placed at different points along the path that traffic takes to the site. Some of these can recognise sustained requests from the same location, and can block countries and certain bots, etc.
Your web server software should always be kept up to date and the firewall on it maintained, and the code on the website should also be maintained and updated. This is a key part of what we offer our retainer clients, with monthly reports and updates based on what we find.
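The following Python example is added here and is not part of the original article or Laser Red's own tooling: it reads access-log lines in the common combined format and reports any client IP that makes a sustained burst of requests inside a sliding time window, the kind of pattern a firewall can recognise. The log lines, IP addresses, threshold and window size are constructed for illustration, and each IP's entries are assumed to appear in chronological order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Combined Log Format: client IP, identity, user, [timestamp], "request", status, ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

# Constructed sample data (documentation-range IPs, not real traffic).
SAMPLE_LOG = [
    f'203.0.113.7 - - [12/Mar/2024:10:00:{s:02d} +0000] "POST /wp-login.php HTTP/1.1" 401 512 "-" "bot"'
    for s in range(0, 40, 5)  # 8 login attempts in 35 seconds
] + [
    '198.51.100.20 - - [12/Mar/2024:10:00:03 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [12/Mar/2024:10:04:10 +0000] "GET /contact HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    'not a log line',
]

def parse(line):
    """Return (ip, timestamp, path, status), or None for a malformed line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"], int(m["status"])

def sustained_sources(lines, threshold=5, window=timedelta(seconds=60)):
    """Map each IP to its peak request count inside any one window,
    keeping only IPs whose peak reaches `threshold`."""
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    peak = defaultdict(int)
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue  # skip lines that are not in the expected format
        ip, ts, _path, _status = rec
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop requests older than the window
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return {ip: n for ip, n in peak.items() if n >= threshold}

if __name__ == "__main__":
    print(sustained_sources(SAMPLE_LOG))
```
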
Can you trace the attack?
While it’s possible to trace a single attack, there’s only so much information to glean from doing so, and to trace every potential attack would take a lot of time.
There are literally thousands of website attacks going on right now and trying to trace every one of them back to their sources would be pretty much impossible.
Can attackers target a URL if it’s not ‘live’ to end-users?
If the URL in question was once live at some point, then yes. If it’s been indexed by a search engine or a bot, and especially if it’s a standard admin URL on a well-used platform, then we’d fully expect attackers to try this avenue as a way in.
Your website address (being public) would have been scanned and recognised as such. It would then have made its way onto various lists, etc. that will have been sold on. Just because something isn’t “live”, doesn’t mean it isn’t publicly accessible.
Sites such as BuiltWith can show you everything that’s been gleaned from a website in terms of the technology used. You can’t avoid this information being out there when your site’s public.
Just to summarise, a website being under attack is nothing to be feared – it’s like being fearful of germs in the air around you.
You can’t really do much about it, without constantly reacting every minute of the day, other than respond when it causes performance or uptime issues.
It’s important to ensure the environment and site are in the best health possible at all times (which is what our monthly maintenance reports are all about).
An attack is to be expected; unauthorised access, often the result of an attack, is the issue. If someone does get in, then at that point there’s a problem.
Would you like to discuss your website security with a member of our development team? Get in touch today or give us a call.