Every year, cybersecurity experts and IT departments around the world remind website owners and business operators to stay alert around November 5, a date often linked to hacking activities, online protests, and large-scale cyberattacks.

In the Philippines, the Department of Information and Communications Technology (DICT) and the Philippine National Police (PNP) regularly warn the public about possible "traffic flood" or Distributed Denial of Service (DDoS) attacks that could disrupt websites and online services. DDoS is also the easiest form of hacking that can be done and is most common.

But even outside the Philippines, businesses worldwide should treat this as a timely reminder that cyber threats do not recognize borders. Whether you run a small business website, an international e-commerce platform, or a corporate portal, being prepared and vigilant during high-risk periods like November 5 can make a big difference in avoiding downtime and data breaches.

What is November 5 hacking day?

November 5 is traditionally known as Guy Fawkes Day in the United Kingdom, commemorating the failed Gunpowder Plot of 1605. However, over the years, it has taken on a different meaning in the online world.

Modern hacker and hacktivist groups, such as Anonymous, have adopted November 5 as a symbolic date for cyber activism, often organizing digital campaigns, website defacements, or data dumps to make political or social statements. The date also coincides with the Million Mask March, an annual global protest known for its signature Guy Fawkes masks.

For this reason, cybersecurity agencies and organizations consider November 5 a period of increased online risk when hackers, bots, and opportunistic threat actors might target unprotected websites.

Why this matters for businesses worldwide

Cyberattacks around symbolic dates like November 5 are not limited to one country or region. They can affect:

• Small businesses running outdated websites or plugins
• E-commerce stores processing customer data
• Corporate networks and cloud servers are exposed to public access
• Government websites and portals or NGOs with limited IT staff

Even if your company is not directly targeted, you could still experience collateral damage, such as server slowdowns, blocked access, or spam overload if your hosting provider or upstream network is affected.

Moreover, state-backed actors, including some based in China and other regions, may exploit these global events to mask reconnaissance, infiltration attempts, or data collection. Businesses should use this time to strengthen system monitoring, firewall rules, and access controls.

Common hacking threats to watch out for

• Brute-force attacks: Automated attempts to guess passwords or admin logins.
• SQL injection and XSS attacks: Exploiting insecure input fields or unvalidated data.
• Malware and phishing: Injecting malicious scripts or stealing login credentials.
• DDoS attacks: Flooding servers with fake traffic to overload resources.
• Bot traffic and scraping: Automated bots that slow down websites or steal content.

How to protect your website and data (countermeasures to protect your website)

Here are practical steps every business and webmaster should take to improve website security, especially during high-risk periods like early November:

1. Regularly update your CMS, plugins, and modules Outdated software is the most common entry point for hackers. For Drupal, regularly update using composer update and review the Drupal Security Advisories. WordPress users can check WordPress.org Security.
2. Use a trusted hosting provider with security monitoring Hosting services like iBuild.PH web hosting and domain services provide server-level security, backups, and malware scanning - important for preventing large-scale attacks and identifying suspicious traffic.
3. Implement a firewall and DDoS protection Tools such as Cloudflare or Sucuri Firewall can block malicious traffic and detect threats in real time. For businesses frequently targeted by bots, consider blocking traffic from high-risk regions or using geolocation filters.
4. Secure your admin and login areas Change default admin URLs, use two-factor authentication (2FA), and apply IP restrictions to limit who can log in to your CMS.
5. Back up regularly and store copies offsite Automatic daily or weekly backups ensure recovery in case of ransomware or file corruption. iBuild.PH's website maintenance services include backup management and system monitoring.
6. Monitor website traffic and logs Use Google Analytics 4 and Google Search Console to detect unusual traffic spikes, sources, or referral spam. iBuild.PH also provides training for GA4 and Tag Manager for teams wanting deeper insights.

Special note: rising cyber threats from China-based traffic

In recent years, reports of botnet attacks, phishing attempts, and brute-force activity originating from China (CN) targeting Philippine websites especially GOV.PH sites have increased. Businesses may consider:

• Using hosting firewalls to block or limit traffic from specific countries.
• Using the GeoIP2 module in Drupal and similar security modules, or WordPress security plugins such as WordFence and similar to restrict logins by region.
• Reviewing server access logs to detect suspicious IP ranges and adding firewall rules.

If your website is under attack

If you notice slow performance, downtime, or strange login activity:

1. Contact your web host and request an immediate investigation.
2. Temporarily enable maintenance mode to protect your site's integrity.
3. Check firewall logs and block offending IPs or regions.
4. Report incidents to your national cyber agency (in the Philippines, DICT).
5. Review your setup after the incident to ensure no malware or backdoors remain.

A reminder for all business owners

Cybersecurity is no longer optional. Whether you serve local customers in Manila or global clients across continents, your website and data are valuable assets.

Events like November 5 hacking day remind businesses everywhere to:

• Review security measures regularly
• Backup data consistently
• Patch software promptly
• Monitor systems actively
• Partner with a reliable web security and hosting provider

At iBuild.PH, we help businesses strengthen their online presence through secure hosting, reliable website management, and proactive cybersecurity support. Our team ensures your websites, whether on Drupal, WordPress, WooCommerce, or Magento, or any custom applications are properly protected and optimized for performance and safety.