Security Audit


#1

Support tells me that I need to do a security audit on my website (it’s been hacked), but they did not mention any tools.

They don’t list any tools so I’m wondering if any of you have installed anything to perform such audits.

Thanks.


#2

I’d just do a search for the name of your software and “vulnerability”

-Scott


#3


what sort of site are you running?

if it is wordpress, you can try this plugin:

http://semperfiwebdesign.com/plugins/wp-security-scan/


#4

I’m running plain HTML.


#5

I don’t get what you mean by “the name of your software”. My website was hacked. DH wants me to do a security audit.

??


#6


then, if i was you, i’d erase everything and re-install your html files.

is that a feasible option for you?


#7

And change all of your passwords to something harder to guess. If it’s a plain HTML site, then the only way in is with your FTP password. Now it’s up to you to figure out how someone guess it, along with knowing your username.

-Scott


#8

Thanks, people.

I’ve changed the password. I’ll have to cogitate on how it escaped.