832 – Don’t let the hijackers do it first: Tom talks Hack Your Website

Episode 832 – Hack Your Website
[00:00:08] Welcome to Screw the Commute, the entrepreneurial podcast dedicated to getting you out of the car and into the money with your host, lifelong entrepreneur and multi-millionaire Tom Antion.

[00:00:24] Hey everybody! It's Tom here with episode 832 of Screw the Commute podcast. My voice is coming back a little bit, but it's going to be a little scratchy for this episode. I hate being sick. But the show must go on. So today's episode is Hack Your website. Yes, I said hack your own website. If you do it, it'll protect you from others hacking your site and it's pretty easy for them to do. That's episode 832 today. Now episode 831. Hope you didn't miss that. It was CYA or cover your butt. I mean, this is a method I've been using for years to win disputes. And it's beautiful. And there's a big super tip at the end on how you can win disputes. Okay, anytime you want to get to a back episode, you go to screw the commute.com slash. And then the episode number 831 was Cover Your Butt and 832 today is Hack Your Website. All right. Check out my mentor program at Great Internet Marketing Training.com. It's the longest running, most successful, most unique of any program. Like it? In fact, there is no program like it. Nobody opens up their retreat center and has. You live in a house for an immersion weekend and gives you a scholarship to a school. I mean, it's pretty, pretty unique. It's been running 20 to 25 years or so now. So anyway, check it out. Greatinternetmarketingtraining.com. Pick up a copy of our automation book at screwthecommute.com/automatefree and follow me on TikTok at tiktok.com/@digitalmultimillionaire.

[00:02:00] All right, so what am I talking about when I say hack your site? Most of you listening, I'm in that to say virtually all of your listening don't have the ability to actually hack anybody's site. Not unless your own. I know I don't, but I know at least three people that do know how to do it. All three are currently called ethical hackers, or sometimes they call them white hat hackers, white hat instead of black hat. But one of them was a 17 year old real hacker who got caught and had the choice of going to prison or working for the government. Right? This hacker chose working for the government. You might also be surprised to hear that two of the three that I know are girls, right? You wouldn't think that, would you? Since you probably can't hack your own site. And if you could, you would have already fixed the potential vulnerabilities of your site. So I'm going to point out a few areas that might make your site more susceptible to hackers and what you can do about it. Now, I'm not going to get too technical here. You know why? Because I can't. I just know these things happen and I know what to do about them. But the technicalities of it, I don't know. I don't want to know. The thing is, I am and you are too responsible for what happens on your site.

[00:03:23] And it's your reputation when someone takes over your site and makes it a porn, or even worse, a beastiality site, or you know, any number of bad things that they can do if you make it easy for them by ignoring the security of your site, and a lot of the things you wouldn't even know were happening and you're complicit in in hurting other people, even say so. That's what I'm going to talk about today. So let's get into it. So one question is, is can people post comments on your site? See, bad people can post a certain piece of code that captures the data from everyone else that comments and you say, so what? They're posting their name up there anyway? Well, what the bad people do is put on what's called a cookie catcher. It captures the cookies of all the people that comment, which gives the bad guy access to their cookies. All the people visiting your site that are posting comments once they have them there all kinds of nasty things the hacker can do to your visitors, and you let it happen because you didn't take care of the security of your site. And don't expect the typical web designer to know these things. They can make things look pretty, but it's a rare, rare, rare few that know about security protocols. Another thing to check is if your admin login is vulnerable.

[00:04:48] Many have a default username of admin without too much trouble. The hacker can hack simple passwords and gain access to your entire site, where they can do all kinds of bad things that aren't as obvious as turning it into a porn site. These are just two ways. Hackers can gain access to your site, and this should scare the bejesus out of you. But you can do simple things to make your site way more secure. One of the things is to keep your site updated. Of course we use and you should be using the gold standard WordPress. They update all the time and when people come to study with me, I mean we find they haven't updated their WordPress site since, I don't know, Superman was a baby. Many of the WordPress updates are because of new security threats. If you don't update, you're just asking to get hacked. We also use a plugin called WordFence. And that kills and or alerts us to many of the kinds of attacks websites face. You should also maintain an SSL certificate. But and everybody kind of knows that now it puts the lock up on your browser and all that. Guess what? They aren't 100% effective in protecting against many types of attacks. And here's one of them. It's called a denial of service attack. A DDoS attack. And I'm posting a link here to a government site that explains this in more detail for you.

[00:06:28] But DDoS attacks in a in a weird kind of way are related to the hacks I just told you about. Bad guys or girls. What it is, is they flood the denial of service attack as they flood the network they are targeting with massive amounts of fake traffic. I remember one I heard about where the hacker sent the entire text of the Bible a couple million times to totally drown the network of the person they were going after. Now, how did they have enough computer power to do this? This is where it gets weird and you're involved. They hacked a bunch of sites like yours. If yours isn't secure and use the resources of the hosting service and the server that you're on to use all those resources to send all these Bibles or whatever else they're doing, sending fake traffic to other sites. And again, you you could be, I'll say, partly innocent because you didn't try to hurt anybody, but you're kind of complicit if you didn't protect your site and take care of security vulnerabilities so that they could, couldn't do, couldn't use you to hurt other people. And if you're the target of this kind of attack, oh man, God help you. You can sign up for services that see abnormal amounts of traffic and reroute them away from you. That's good. But you better still have a disaster recovery plan if someone decides to target you.

[00:08:00] And all this is another good reason to treat people well in your business, so that they don't hire people to do this to you. So bottom line. Do everything you can do yourself, and then hire a competent, ethical hacker to try to break into your site. Now here's the thing. If someone really has it in for you and they're good, you probably can't do much about it without a highly skilled team of geeks monitoring your sites 24 over seven. But as a small business owner, you can make your site much less attractive to the run of the mill. I don't know nine year old hacker so that they go to some other site and leave yours alone because yours is too much trouble to break into. All right, that's my story, and I'm sticking to it. My voice a little bit better. I'm fighting my way through this. But the show must go on. And I want to see you in my mentor program. I'm going to help you avoid these bad things and give you tons of good things you could be doing to either get out of your dreaded job or improve the business that you have many times over. So that's my goal for for doing this for all these years. All right. That's my story and I'm sticking to it. We'll catch you all on the next episode. See you later.