Is There An ASP on Your Website?
Published on 12/1/2014
For additional information Click Here
Is There An ASP on Your Website?
So, it is Cyber Monday and you were looking for a good deal on certain shoes. How about a Google search “retro sneakers cyber Monday”? The first link took you to some religious site. Skip the Blog and the Facebook pages. Check out a few of the others. A couple of them return 404 errors. At least two send you to the Exact Same Page. What is going on? How can different sites take you to the same page? Because sites have been compromised. Asp files are one of the ways this is done. So here is my question today. Is there an Asp on your website?
What is an ASP File?
An ASP File has the .asp extension and is for the Active Server Page file format used in an HTML file containing a Microsoft server-processed script. Here is my question. What is such a page doing on my website? I didn’t put it there. I have learned that there is a vulnerability that makes it possible for these to be added to your site. If you are not using them, that makes it easy. Just take them out. *Note: I found one of them in my Images Folder. *
*Tip: If you find Any of the problems that I have run across, take the time to put in a good 404 page that will let those redirected to your pages learn what you are Really about. Someone is redirecting traffic. It doesn’t all have to be lost. *
Who is at Risk?
Sites around the world have been Hacked. The victims are often sites that are not frequently updated. Is there an unexpected ASP file on your website? Then you most likely have a problem. Check also for files that have been updated since the last authorized update. If you have a site, check it now. If you know someone with a site, your doctor, HOA, Bridge Club, etc. please let them know about this problem.
For those that haven’t been following along, a few weeks ago, I discovered that my site, Nove-Noga.com had been compromised (Hacked!). Contact with my service provider was less than satisfactory. The good news is that I was able to easily clean my site and rid myself of the problem. This was largely because I Know what is and should be on my site. Now, you may be thinking, So What? If you don’t have a website of your own, you don’t have much to worry about. Unless you click on one of the multitude of false search results created by a worldwide attack on websites.
This Problem is Wide Spread:
As part of my search for any information on this widespread situation, I have tried a number of Google Searches. Just for fun, try this one. “cyber Monday asp hack” I was amused to see that the first response in the search was another hacked site. How do I know? The first clue was the ASP File in the listed link. The second was the disparity between the site name and the subject matter. The third was when I clicked on it and was directed to another site. About half of the links on this page had been hacked.This problem is Wide Spread.
Report Cyber Attack Redirect:
I finally found some definitive information on the recent attacks that I have seen across the internet. Using the Google Search “report cyber attack redirect” got me to the Wikipedia page on Pharming. (See Below) Finally!
"Pharming is a cyber attack intended to redirect a website's traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real IP addresses. Compromised DNS servers are sometimes referred to as "poisoned"..."
How come I didn’t Know?
Like many people out there, I taught myself what I needed to know to build my own website. I did have the advantage of a background in computer programming but that only boosted my self-confidence. Silly me. I never considered that my Service Provider might be vulnerable. I still don’t know how they have gotten in multiple times but I have learned a lot over the last few weeks.
How Can You Protect Yourself?
1) Know Your Website. Even if you get someone else to build your site, you should know what goes into it. When you know what is supposed to be there, it is easier to spot things that are not supposed to be there. *Remember, I found an ASP in my Images.*
2) Review your site online frequently. One of the indicators of this Pharming problem is when a Google Search of your site produces a link that is Redirected. A second test is to View your Source Code in your Browser. See the Graphic above for currently Identified Indicators.*If you find problems, Update your site immediately.*
3) Have a clean copy of your site ready to upload at any time. If you are having someone else maintain it for you, consider downloading a copy of your site every time that they post an update. Make Sure that your Webmaster is aware of these problems.
4) Use FileZilla to keep a close eye on your website. With FileZilla, you can see everything on your site. Sorting by Filetype can reveal files that shouldn’t be present. Sorting by Time/Date can reveal whether any changes have been made since your last authorized update.
5) Change your Passwords Frequently. I use KeePass for my Password Generator and records. *Note: Changing my Password with my Service Provider took some time. Don’t change your Password in FileZilla until the old one has become ineffective.*
Is There an ASP on Your Website?
This is a very important question. I have no doubt that hackers cost someone Billions of Dollars on Cyber Monday. Either they stole the traffic for their own sales or they literally stole money from everyone who fell for their links. Your site may have helped them. How will you know unless you look? Nove-Noga!
Have You Checked Your Website Today?
Has Your Website been Hacked or High-jacked?
What to do if Your Site was Compromised
Black Friday or Bleak Friday?
The Sky is Falling
If you have fixed your site, that doesn’t mean all the links are gone. Why lose the traffic?
Creating a 404 Error Page on GoDaddy