I have websites my question is to related web virus attacks + hackers attack. How i can secure my website using these attacks and run my website smoothly. What should i do, is there any software or code to protect website from unknown problems like viruses or hackers. Waiting for experts answers.
You need to check your files and folders unwanted permission. Please disable your unwanted plugins. You haven't told about your server security, contact your server provider and make server security properly. Don't forget to update your software bug fixed.
First of all you should know how hackers infect websites. One of the most common methods is by stealing the FTP login information from a PC. Many free FTP programs store their saved login credentials (username and password) in a plain text file. Viruses know this and when they infect a PC, they look for these plain text files, read them and send the FTP login information to a server which then logs in with valid credentials and infects the website. This virus also "sniffs" the outgoing FTP traffic and since FTP transmits all data, including username and password in plain text, it can see and steal the FTP login credentials this way as well. To prevent this type of attack you should use an FTP program like WS_FTP or Direct FTP by Coffee Cup. These two will encrypt the password on the PC so it's more difficult to use. You can also switch from FTP to SFTP. SFTP encrypts the traffic so it can't be so easily sniffed. The next way hackers infect websites is through non-updated software on a website. This could be anything from phpMyAdmin, osCommerce, to Zen Cart, Wordpress or Joomla. All website software should be kept up-to-date at all times. Another way hackers can infect a website is when it's programmed poorly. If you create a form that inserts data into a SQL database and you don't properly sanitize that data, a hacker could inject some malicious code into your database and it would either display the infected code on the website or it could be used to further infect the website. Keep in mind that frequently hackers will add files to a website that allow them to use a "backdoor". These backdoors are usually .php files but can be other types of script files as well. These files allow the hackers to remotely infect a website over and over again after you've closed all of the obvious holes. These are much more difficult to find - but they must be found and removed. Post back if you need any further information.
You should give us a bit more information about your setup for us to advise you further - i.e. windows or unix platform, which CMS system you use, which database back end etc... But the basics have been covered above. Here my handy security hint of the day: Check your web server logs regularly.
A good cross-platform way to monitor your site is using Sucuri ( http://sucuri.net ). If you are on a dedicated (or VPS) server, I would recommend the open source OSSEC as well ( http://ossec.net ). thanks,