If you have a reoccurring problem with a hack of your website, there are multiple causes that could underly it. Two of those, a backdoor and a vulnerability, are sometimes confused. Understanding the difference is important to dealing with the problem.
A backdoor is some method for the hacker to continuing access to the website, which they place on the website. That often is a file that the hacker can send commands to on the website and those commands will run. Those backdoor files can sometimes be rather complex, but other times are really simple.
A vulnerability is an existing security issue on the website that gives a hacker some access they shouldn’t have.
A key difference between these two issues is how you deal with them. If you were to restore the website back to its state before the hacking, a backdoor couldn’t exist on the website. A vulnerability will still exist if you do that.
Another key difference is who has access in each situation. With a backdoor, only one hacker would have access, unless some other hacker figures out about their backdoor. A vulnerability, by comparison, could be exploited by many hackers.
We recently had someone come to us that thought there was a backdoor on their website, but the change being made with what they thought was a backdoor allowed any hacker access. What they actually had was a vulnerability they hadn’t addressed.
If you need help with a hacked website, we can help you.