All right, good morning everyone. First and foremost, thank you for coming out. I know it's early for some of us. It's certainly a little early for me. But I would like to start off with first introducing myself. My name is Victor. I come from a company called Sucuri. We specialize in website security. I like to start off at every, some of these talks I come to, WordCamp, you know, sort of providing a little more information about myself. So if you see me enough, you might know me more than most. One thing: I'm an avid runner. Secondly, I'm a large video game enthusiast. So if you see me geeking out at some, like, Nintendo stuff around here, that's why. But first and foremost, I'm a technical sales engineer for the company, and today we are going to talk about recognizing, as a business owner, as a website owner: how do you know, how can you identify, that your site is in trouble? How can you know if your site's been hacked, and what does that mean? What does that mean for you? What does that mean for your business?

So, one thing I want to start off with is a quote from the CEO of our company, which I really like: as website owners, we have a responsibility to, one, ensure that everyone that interacts with our websites has a safe online experience, in that everyone that interacts, well, rather, that all website owners should be good stewards of the internet by ensuring that we're not abusing the resources available to us.

Quite a bit. So let's break that down a little bit. What does it mean to not abuse the resources? What does it mean to ensure that our visitors have a safe online experience? Because if we really think about it, at the end of the day, what we really want is to get online. We want to get our WordPress installation done, get our site out there and, you know, drive traffic. Get people to see our site, buy our stuff, right? But we need to consider all the people that we're inviting in, all the people we want flocking to the site. What kind of people are we inviting in?
What kind of traffic does that look like? Because sometimes the traffic might be people: yeah, you know what, I really want to buy your product, I really want to read your blog. But sometimes that traffic is not friendly. Sometimes they're out to attack the website.

So, how many people here are comfortable in identifying that there's a problem with your website? That's not a lot of hands. That's not a lot of hands. So, and that's okay. It's okay to not know. Because the fact is, you know, as a business owner, how are you supposed to? How are you supposed to know that malware and hacks are part of this deal, right? You just wanted to run your business.

So I want to take an example here and look at a website and compare that to what happens when the site does get attacked, and how to identify when there's a problem. The specific site, you know, seems pretty, pretty obvious, right? So, design favorite accessories. That's, that's what we want to show people: look, this is my product, this is what I can deliver on. All right, looks normal. But what happens when there's a problem? How many people have seen that before? Right, so we're starting to identify that there's a problem with my site when I'm visiting it.

All right, talking about defacement. Defacement, when they're simply, you know, taking down the front of your page because, hey, you know what, maybe this is some 17-year-old snuck up kid who just had nothing to do, nothing better to do with his time, right?
It could be your kid, for all we know.

We're looking at this. This is very new, very recent, in terms of what we consider ransomware, meaning they will lock your site and they will hold it at ransom and say: look, for so much Bitcoin, which is so much money, I will give you back access to your site. And that's assuming, if you pay them, they actually give you access back to your site, right? So imagine that as a business owner: you're logging on to check how your site's running, how the new theme looks, how that new plug-in is functioning, and then you see that.

Now, there are other instances where it's a little less obvious. So you're logging into your site and, whoa, Facebook pops up. Oh, shoot. Maybe, you know, I must have hit a bookmark, must have hit a shortcut, but it looks like I logged off. So let me log on. Except if you look at the URL bar, you'll notice that's not a real Facebook address. What happens is people accessing your site, all those, all those people visiting your site, are being redirected to what we consider a phishing lure, meaning they are phishing for information, anything that will personally identify your, your audience. And now we're talking, now we're really getting into abusing resources, right? We don't want our site to be a vessel for people having their information stolen. Consider your brand reputation there: oh, you know, every time I visit that site, they're trying to get my information. And they put that on you instead of the attacker. How are people to know?

Now, let's look at another form of attack that's also less obvious. The site might be fine. The site might still show design favor accessories, you know, okay, great. But then if you're looking, if you're searching for the site in Google search results, you're gonna notice there: whoa, prescriptions? I'm doing accessories, you know, or I'm, I'm trying to sell clothing. What, why is my Google search result propping up Viagra?
Cialis, right? Something we call a pharma hack, where people are, you know, injecting things into your database to, you know, sort of prop this up and flag your site as a problem, because the last thing your site needs to be known for is: oh, they sell Cialis at half off. No.

This one now, how many people have seen this roaming the internet every once in a while, trying to find anything else, right? Yes, and now we've seen this before, you know, "the site may be hacked." How many people are gonna visit this site if they see this message? Not one person's gonna visit this site. It's custom hot tubs. But of course not, why would you? The site might be hacked, the site might present a problem. So you and everyone trying to visit your site, harming your brand on top of it, right? You're gonna go to this site if it says this? That's a brave soul up there, guy said yes. All right, that's fine. You know, you might enter the site, you might download software onto your computer. So now we're not talking just about the site, now we're affecting everything on your way to the website. And now we're coming back to a safe online experience, that this is not, of course, a safe online experience for your audience. You don't want that for everyone coming to your site. You want people to come to your site to say: yeah, they have a great product, I bought it, it shipped on time, or it was a great theme that I purchased. And that was the goal. We don't want to worry about this.

But, you know, Google plays a large part in this as well, in terms of, like, what can happen and what can you do. Blacklisting: how many people have heard of the term blacklisting?
There you go. So y'all can understand what that means when there's a problem on your website. And when we're going down this road, you know, about, like, what kind of attacks there are, you know, the list doesn't end. But what you need to understand as business owners is there is, you know, some investment in time, some investment financially, to ensure that you provide the best experience that everyone visiting your website may consider that. Basically, anyone making any search result on the internet, 80% of everyone doing that goes through Google. Google is prominently known for blacklisting, as you might know, for, you know, saying: yeah, that site might be hacked. Because most people are going to see that same message we saw earlier, you know.

So here's the thing. There are a couple things that you can do in terms of a relationship with Google that will alert you to a problem. Google Webmasters, how many people have heard of that? How many people are using that? Good. For those that don't, you should really consider doing it. For one thing, it's free. Secondly, they will let you know, with time before the site's blacklisted, that, hey, there might be malicious files on your website. Right, they will let you, they'll give you a heads up to the problem instead of, you know, having it linger. You may never know, that pharma hack that we looked over, that you may never have noticed or treating your own site on Google. They'll let you know. And most of all, on top of everything else, it's free, right? You don't have to make an investment into a tool like that. It's valuable that someone like Google, who has a presence online, you know, is letting you know about our problem before it gets to it.

So let's go back to this: the site may be hacked. This is your site and you have, you know, you're trying to figure out: what do I do?
I don't, I don't know how to fix that. So you go to Google, who alerts you, and they have all these guides there, and, you know, you're trying to get rid of that blacklisting warning because now it's really gotten out of hand after a week. Well, let's consider the impact if we let that lie. As business owners, how many people here, of course, are familiar with SEO? Wow, see there. Yeah, everyone knows about SEO, everyone knows about driving traffic. You want to rank high in certain keywords. So, you know, after a couple days, you know, okay, the site's been hacked, Google's let you know, and suddenly your site's been blacklisted and your SEO tanks. They will remove you from whatever page you were before and stick you at the back of the line until you fix the problem. Now consider how much work you might have put into maybe ranking number one, or ranking top five or top ten, into getting people to visit your site. Right, we don't, no one wants that. No, I wouldn't want that.

So what can you do? Well, Google gives you some good guidance, you know, things about how to clean and maintain your site moving forward, you know, the things you need to do, you know, having shell and terminal administrator access and knowing shell and terminal commands. How many people actually know those two things? So a whole lot more of you raised your hand knowing blacklisting, but not this, and Google's telling you you need to know this. Well, that's not always the case, and that's okay. It's not a problem. But, you know, I can, you know, it can be very intimidating when something like that happens and you're not sure what to do and there's no big red button that tells you: oh, yeah, press here and your site's fixed. It's not always that easy, especially if you don't have that kind of knowledge to comb through all your code, to go through your database and figure out what's going on. Because, as a website owner, what is your primary goal as a website owner? Who can tell me that? You want to make money?
That's your primary goal. That, that's the only thing you want to be thinking about when you're running your website, when you're, you know, trying to, you know, update your inventory. That's the main goal. So the idea, of course, is understanding: how do I get there? How do I restore my ranking? Well, yeah, you know, sometimes a lot of it is investing in a solution, in the resources, like even just the free resources of Google Webmaster. You have time to figure out an answer to the problem. But what does that really cost? I mean, I'm saying that, yeah, Google Webmasters is free. But maybe it's too late for me. Maybe I've been blacklisted. What does that cost?

So, I like to tell this story because it's the one that resonated most with me. I had a client once, Fourth of July last year, who was on a five-day vacation. And she's calling me July 3rd in a panic and a frenzy because her site's down, the host shut down the account, her site's been blacklisted by Google, by McAfee, and she doesn't know what to do. Okay, don't worry about it, you know, we'll get a fix for you. So after three days, we've had the site fixed, the site's been delisted from the blacklist of Google, and, you know, she comes back to me. She's like: you know, thank you for helping, but I feel like I need to tell you what happened. I'm like: well, what happened? She tells me that as part of her five-day vacation.
She was stuck in her hotel room for two days trying to figure out how to get her site back online. You imagine being on vacation and trying to worry about this with family around you, and you don't have time to spend with them, that money you spent wherever it is that you went to go on vacation. Moreover, she was selling, like, high-end creature accessories and products, you know, like, you know, bracelets and the like. And she was telling me, you know, every time she leaves on vacation, she's expecting $11,000 in revenue, easily. She didn't make any of that. So she lost $11,000 in three days because of an issue like this.

So the cost sometimes isn't necessarily, like, what do I have to invest to ensure that my site's fine, or, you know, maybe getting a firewall or someone who can respond to me would clean up. Sometimes the cost or the consequences of your site getting hacked, because I don't think she ever would have imagined $11,000 gone in three days that she never would have had because no one could access her site. How could they?
Especially if they had that "site may be hacked," none of you would have gone to visit her site, because I wouldn't. Except for, apparently, that guy over there who was very brave enough to do so.

But when we consider what can you do in a circumstance like that, you know, there are a lot of easy steps to, you know, sort of go about, you know, making sure that everything is fine with your site. And of course, first and foremost, it's updating the site, right? Your WordPress installation, your themes, your plugins, everything that you're utilizing to make sure your site is up: make sure you're up to date. Because a lot of times what you don't realize is that, while those fixes may provide a better user experience or a back-end experience for you, for the most part they probably have important security fixes that you don't realize are there. It's no different than updating every app on your phone. Sometimes it's not updating because it's trying to make the scroll bar a little better or the text a little nicer. It's because they're trying to do something to protect you.

I could go through this list, you know, there's some, a lot of good, a lot of good items here that are, you know, free in terms of understanding, like, what would your host do in a situation like this?
You know, just that kind of information gathering. But I want to sort of get back to this quote a little bit and understand that, you know, as website owners, we do have a responsibility on us, because we're the ones putting the website out there and using the resources available to us, to ensure that everyone that interacts with our site does have a safe online experience. Understanding that we want our visitors to come in, come out, and not feel like, you know, they've been swindled, and feel like they have to look over their head because they saw a funny pop-up come up through your site. They have to understand that, you know, as website owners, we do have a responsibility to be good stewards of the internet, making sure that, you know, we're not using our top-ranking Google search results to phish for information on your, on your visitors, stealing credit card info or stealing their name and email and phone number when you have a contact form up. We, you know, because we certainly wouldn't want that visiting other people's sites. We wouldn't want that visiting a website developer site who's trying, you know, we're asking for help, and then, you know, sort of passing on the kindness, in a sense.

So that's what I have. You know, as I mentioned, my name is Victor. I work for Sucuri, and thank you for taking the time to come in. You know, have a happy WordCamp. If you have any questions, feel free to come down.
I'll be more than happy to answer.

Like on, there you go. Someone down here asked about redirects. Redirects are very similar to sort of what I showcased earlier with the Facebook page. In some instances, it's a more of a, it's more enticing for someone to use a redirect hack to, say, access your site, and you get sent off to that Facebook page, and your staff person is putting in information that's being sent out somewhere else. There are some, you know, PHP mail scripts. Other instance, a little more obvious, for all of a sudden the site is being redirected to maybe a similar-looking site of yours. Right, maybe they sort of just copy and paste, you know, templates and information, then when someone's making a purchase and not actually making a purchase. Those kinds of things, I mean, can reveal itself in different forms, .htaccess files, if you're familiar with it. But most cases, you really want someone or some, you know, somewhere to go to, to be able to properly identify if that's a problem. Because if you're noticing it on your own site, then you should consult someone who can provide better response for you.

Sure, so someone asked why is it that you get so many hits from all over the world regarding that kind of thing. So one thing to keep in mind, especially about when you're trying to figure, you know, when you're thinking about even just the attacks, like, where they come from: most of these things are automated, like, just bots, you know, hitting, pinging your site because either they're trying to test access or they're trying to, you know, see what they can do in terms of accessing your, you know, your site's files and everything, and on the administrative end. So for the most part, when, if you're looking at your SEO and you're looking at your hits and you're looking at your logs, and you start seeing that, you know, for the most part really you're focused on the States and Canada, but you're seeing random IPs from Turkey, from Russia, China, you know, there are some instances where it might be a valid access
to your site. It might be someone actually from China or Turkey trying to access your site. Some other cases, it's them trying to test to see what they can do. There are a lot of good plugins and resources online that let you track that. Similarly, if you're running on WordPress, for example, we have a free plugin that will let you track people even logging into your, your back end of WordPress when you go into wp-login, something that'll alert you to a problem that, you know, hey, look, I've got, like, 50 emails telling me that this IP is trying to access my site. You know, these are people trying to get in, they're trying to force their way into your environment.

So, oh, what you do is depend, you know, I suppose it depends a lot on, you know, what you're comfortable with knowing. I mean, if, you know, there are ways you can write rules in your .htaccess file to block IPs if you can recognize them. There are web application firewalls out there that will block that kind of thing outright, recognizing whether that traffic is malicious or not. You know, so I would definitely, first and foremost, go to your host to see what solutions they can provide you or recommendations.
They can make for you, for instances like that.

We don't, and you're not going to find many people who will approach suspected attackers, because for the most part what you may think might be the university attacking your site might be actually someone using another computer, another site and another resource, just sort of, like, to mask where the origin's from. So that it's possible that actually their network, well, maybe unlikely, but got compromised, and there, and they, that you think it might be coming from the States, but it could be anyone else. It could be an anonymizing IP, something that they're trying to mask, to hide, to make sure that they don't get caught, right? So it's part of that, you're not going to find many people who do that kind of forensic, you know, retrace analysis. But there's, you know, on your part, on anyone's part, there's always measures you can take to ensure that, even if maybe it was from there or anywhere else, that, you know, those kinds of requests that are being made on your site, on specific, like, folders or subfolders and plugins, don't result in a hack. You know, those, that's the best resources or best information I can give you on that.

Yeah, I would say, you know, I'm hoping that everyone was able to hear, you know, his, his interest in this. So I would say that there are a lot of resources that they are able to tap into that's not simply the back end of WordPress. I mean, if they have your domain and they're trying to, you know, log in with a similar file path to log in, odds are they've pinged your site to identify your hosting IP, right? That, you know, that one, you know, like a one nine two die eight eight dot two four eight five. Like, understanding that, okay, I know that's the hosting IP, so let me get into an FTP manager and try different username and combinations there to have direct access to your site files. A lot of times, you know, these attacks are automated. So it's not so much that they're trying to guess one username.
That's how it goes, you know. A lot of our information is out there. So, you know, my site is, you know, santoyohats.com, right? And they can find my last name, my first name that I might put on the site. Odds are they're probably gonna get what city I'm from, you know, other things like that, and they're gonna use typical, you know, like, I would say, variations of how people create username and password. It's like first initial last name, last name first name. Maybe they can identify family members, okay? So maybe I'm putting just the last name and my birthday or my zip code or things like this. And these are the kinds of things where you also need to consider about the access you're creating. Like, when you have a username and password, make sure that no one can understand why you have that username and password, you know. I don't, I try to avoid using, you know, anything identifying me or my family in anything with passwords, because passwords are the one thing that people, people get lazy about. You know, we want to just say: ah, something one two three, or what's my password? I forgot.

You know, I had a guy who, or password, no, I had another clever guy who was like: you know, I know what my password is gonna be. And I'm like: what is it gonna be? He's like: well, see, every time I try to log in, I forget, it tells me password is incorrect. So "incorrect" will be my password. And I'm like: no, it's not how that works.

But, you know, that, that's the kind of thing you should also be, like, conscious of. As long as you have a strong password, you know, like 16 characters, you know, with a, with a hashtag, an exclamation mark, and numbers and letters, you should be fine. But knowing that kind of information is pivotal, and I wouldn't, I would implore you to sort of look into ways to be able just to block that access outright when you get it. A lot of what you also want, and in something you're touching on, right?
Know who your audience should be. Do you want people from, or, halfway around the world visiting your site? If you do, great. Take precautions to make sure it's the right people. If you don't, and your audience is strictly, yeah, I'm a local person, I really only need Miami Spanish-speaking people looking on my site, or I'm in the States and Canada, that's the only people I want to reach, then ensure that those are the only people you're reaching. Invest in a resource that'll let you country block, or block IPs if you can find them.

No, I would say 12 at least. I use a 16-character password. Sort of touching on the last thing there, like, password shouldn't mean that complexity. It should be 16 digits, should have a combination of upper, lowercase letters, numbers, special characters, in no discernible order. There are resources like LastPass. Has anybody here heard of LastPass? Great. For anyone who doesn't, you should definitely use it. They will let you auto-generate a password of that complexity. I mean, just jargon, you never would understand it. They let you save it within an arm, it's free, you would save it within an, a master account where you can track all your passwords. So every time you visit your Gmail, your WordPress, your hosting, Facebook, anything else, you don't have to remember those passwords.
It'll auto-populate it for you. Because, you know, most, I'm guessing that some people here might end up using the same passwords for multiple platforms, right? You might be using your same password for Gmail, for your banking, for your, you know, website or anything else, and that wouldn't be key. So it's not even simply having a complex password, it's making sure that those passwords are also different for everything you're logging into.

And brute force is, you know, a lot of what we've been touching on here, like, you know, basically bombarding your door and trying to guess the lock combination. That, and it happens every single day, you know. And plugins like what this gentleman here mentioned, about tracking the IP or being able to block it or just identify it, give you visibility into what's going on.

Think I'm out of time. I'm not sure. So if you have any more questions, feel free to come down. I'm also at the sponsor table there. We're Sucuri, and have a great day.