Protect your web site from being hacked!

By: admin

In recent years, I’ve seen quite a few customers get their web sites hacked, deleted or tampered with, who then come back to the web host and say “what the hell”. They end up getting furious, and furious at the wrong people.

At UptimeHost, Jonathan, our security expert takes great steps to ensure that our servers are secure and there are no system level hacks that can affect our customers. However, most, if not all the hacks that I have experienced are the result of the lack of protection by the customer themselves!

For example: You’ve got the latest and greatest home security system, but you’ve been robbed because you didn’t bother turning the system on before leaving. You can’t turn around and then blame the security company claiming they didn’t secure your home.

Bottom Line: You are responsible for your own web site.

Before I rush into the different steps to take to protecting your web site from being hacked, without going into too much detail, I’ll share the basics of different types of hacks, their purpose and how they affect you. Most commonly, hacks include some sort of exploitation of bugs in a script or a web site, for example XSS, defacing or SQL injections. It’s important to stay up to date, and being prepared is the best form of protection.

So, here are some tips on how you can protect your web site from being hacked!

1) Keep your scripts & software up to date!
The installation of many web scripts have become relatively one-click and easy to do. What most people fail to understand is that it’s not just a 1-click, one time install and forget about it thing. The developers of these scripts are constantly working on fixing bugs, patching security holes, etc. Running older versions of the scripts opens you up to a liability, ensure you’re running the latest version of the script. If the script is no longer supported, re-consider your decision to using that script and try to find an alternative if you can.

2) Using secure passwords
You’ll be surprised at how many people use such simple passwords. It’s recommended that you use a combination of a letters, numbers and uppercase, lowercase characters. The longer and harder to type passwords are the strongest. Do not use dictionary words, family names and generally speaking… anything that someone can guess about you.

3) Third party scripts
Any code, such as plugins, widgets or custom codes that are found freely available on the internet are written by people under unknown variables. Depending on the programming skill of that programmer the code could be great or could be riddled with security holes. To be safe, research any code you want to use on the site that you haven’t done yourself. Use google to help you with that.

4) On a regular basis, check your logs!
You’ll be surprised at the amount of information you get by watching & reviewing your web site access / error logs. On a regular basis, look out for where traffic is coming from and what is being accessed. If you’re seeing repetitive attempts or failures, take measures to prevent those attempts from re-occurring.

5) Are you practicing “Safe Surfing?”
One of the most common causes of Identity theft is your own stupidity, sorry for being blunt! A lot of the times, the vulnerabilities which give others access to your vital information starts right from your own desk. If your machine is not secure and you’re not practicing “Safe Surfing”, you’re opening yourself up to hackers for both your web site and other more important things, such as Social Security/Insurance Numbers, Bank Accounts, etc.

Use virus scanners, clear histories, try not to store passwords in clear text files. Use public wifi hot spots with caution.

6) Back up your web site!
I can’t recall how many times I have heard different people almost shedding tears when they lose their data or get hacked. Honestly, they are all excuses. If you worked so many hours and have had it cost you so many dollars to develop, keep or whatever… don’t you think that you should have been backing it up? Bottom line, back up your work, back up your backups, you’re never safe.

Even though we provide backups, we still encourage all of our users to create their own backups and keep them in their posession. You never know what will happen, and in the end you can either thank yourself or blame yourself.

That should keep you protected for the most part. It’s always good to be a little cautious and ahead of the game… this guide should help you get started!

Comments

• Find It

• Recently Written

  • Virtual Private Servers (VPS) aren’t adequate for most website owners.
  • Lots of Good Reviews from Uptimehost Customers!
  • Looking for FFMPEG Hosting? We’ve got it!
  • Uptimehost selects LiteSpeed Web Server for its Clustered Cloud
  • Using Akismet to stop comment/trackback spam on Wordpress!
  • Do you let your customers know that you’re reselling?
  • Do custom name servers really matter? We say no!
  • Q&A: 10 Most Important Questions to Ask Your Web Host!
  • Protect your web site from being hacked!
  • Tweets, Tweets… we’re Tweenin’

• Categories

  • Help Guides
  • Misc
  • New Features
  • Press & Media
  • Rants
  • UptimeHost

• Monthly Archives

  • February 2009
  • January 2009
  • December 2008
  • November 2008

• Admin

  • Log in
  • Wordpress
  • XHTML