I’ve heard about people trying to take over websites, but I wasn’t aware of the magnitude of the problem until I installed a little widget on my blog to measure such activities.
After about a week of the widget monitoring such activity my reaction to the data it collected is holy @#&$%@#%$!
Because over the last 5 days since I installed this widget, about 300 times a day someone enters a username and password to try to take control of this blog. That means that once every less than 5 minutes on average, 24 hours a day, someone (or thing) is trying to hack this blog.
If they succeeded, I’m not really sure what would happen, but it couldn’t be good.
It isn’t happening only to this blog of course, but also in different forms and with different levels of intensity to many other websites.
Some simple moves can at least (A) help you monitor the situation and (B) make it more difficult for hackers. Of course there is no such thing as 100% security on the web.
Based on the data my widget is giving me, the attempts at hacking fall into two very distinct categories.
1. Automated, fishing expeditions coming from all over the world. Ukraine, Romania, Russia seem especially popular sites from which people via automated computing are making these attempts.
2. Attempts by human beings with an agenda, almost exclusively in the U.S. I can tell because the widget I’m using records the usernames and passwords they enter in their attempts.
If you have a blog out there or even a website of any kind, you had better be thinking about security or it becomes almost inevitable that someone will take over your site eventually.
I strongly suggest you work with a network expert to upgrade the security settings on your website. For example you can utilize SSL to make it more difficult for hackers to take control of your website. From what I understand a determined smart hacker can take down a website if they really work at, but why make it easy on them?