Website defacement is a malicious attack on a website to change the appearance or content of a website without the owner’s permission or knowledge. Usually, this means that the hacker replaces your website’s “index” page (index.html or index.php) with a new page.

A hacker might have many reasons to deface a website. He or she might have political or religious differences with the website owner. The hacker might simply be doing it for fun. In either case, nothing can be worse than the fallout from an unattended defacement.

How? The hacker generally gains access to your server by (a) exploiting a security hole in your server’s operating system, or (b) using your username and password, obtained through equally nefarious means, to gain FTP access to your server. 

Why? If for the fun of it, a defacement may be nothing more than changing your web page to display the hacker’s credentials. If evil, the defacement may compromise security, download malicious code onto visitors’ computers or redirect your visitor to another website.

Our defacement monitor works by reading your webpage at predefined intervals, looking for a word or phrase or alternatively for the absense of a word or phrase. For example, you might add an x-header to web pages “Owned by John Doe”. If this phrase wasn’t found, you would be notified that your website has likely been defaced. Alternatively, we have wordlists grouped by categories that you can use to denote defacement, or you can upload your own wordlist.

Cost: $6.00 per page per year.

This is an addon to our Basic Website Monitoring package and cannot be purchased separately.