Viruses, Trojans, how to protect your website
In the past, viruses have only attacted personal computers that shared the same external memories like diskettes, cds, etc.
A while then, they started spreading over the network.
Today, viruses are being spread to your website. Now, how do they do that ?
First of all, it's quite simple. The viruses that you pick up downloading files from some suspicies websites are installed on your computer. Then, they search for your ftp details on your computer. Usually, you save your details with your ftp client. They connect to your ftp service, search for index-like files (index.html, index.php, ...) and when found they modify it with their own code at the header or footer of the file. They usually put the code for promoting other websites, or in some case put a link to a file to infect your visitors. Naturally, your visitors trust your website, and they will download the software which will get their computer infected.
The key for your protection in general would be:
-not to keep your password saved in the ftp client (Don't mind typing it every time you connect, as it will save you time in case virus infected you, or somebody hacks your computer)
- keep the backup of your website, so if you get infected, you can easily re-upload your website with clean code
- keep the antivirus updated. Antivirus is a good prevention, as the latest updates usually can reckognize and detect the viruses being downloaded from the web, thus prevent infection of your computer.
These types of attacks are just starting to appear. I have personally seen just a few of them, so it's not that common. If you had an experience with it, and would like to share a method for prevention, please feel free to post a comment.