On June 28, there was a high-profile case of mass hacking of sites on Bitrix. Many users have found banners placed by hackers on the pages of their resources. The reason was a vulnerability that could be eliminated with the help of an update: those who did not have time to do it in time, and became victims of hacking. I will tell you how to avoid such incidents in the future, and what to do for the security of the site right now.
From where the attack was being prepared
One of the agency’s resources was created on the 1C-Bitrix CMS platform – this site is hidden from search engines and is used only for test work. At the end of June, he, like many sites in Russia, was infected: we found the admin panel, the main page and the info blocks hacked, the rest of the internal pages were simply deleted. Hackers changed all passwords, cleared databases and changed the rights to the internal folders of the site. A separate forum thread has been opened in Bitrix technical support about this. We managed to restore everything ourselves and quickly close the threat, but it is worth noting that technical support offered assistance in recovery.
Unfortunately, today it is impossible to completely prevent hacking of the site. The reason for hacking may be a human factor – for example, an employee of the company “infected” his computer and, consequently, “infected” the company’s website. The site code can also be attacked – the most vulnerable place. To prevent the threat of hacking, many factors need to be taken into account: in large companies, a special department is responsible for this in conjunction with a contracting organization, which, among other things, helps to cope with “backdoors”.
Virus infection and hacker attacks are quite common. The main misconception of the site owners is to think that the resource is not interesting to intruders. In June, as a result of a massive hack, a large number of sites on the 1C-Bitrix CMS platform suffered. Representatives of the company note that only 10% of users regularly update the site. At the same time, the consequences of the invasion can be very different. Timely protection, the use of modern mechanisms and fresh updates will help minimize risks.