Security Tips for Websites
We always hear about websites that are hacked, ranging from large multinational businesses,to governemnt sites, to personal blogs. But how can this be and how can it be prevented? Well,you need to protect your website from potential hackers. Most people don't think that there website will be a target,but the targets are random, and the point of attack is initiated by software programmes which are created by hackers. It is then similar to an infection that enters your body and you then become vulnerable. The cybercriminals can cause substantial damage form defacing the site to stealing login credentials.
To minimise the risk of your site being hacked, here are some useful tips:
1) Use long passwords
The passwords need to be long and at least 6-9 characters containing mixed case and numbers,without personal details such as birthdays,age etc. Whilst it may be inconvinient to have a long password the 4 digit approach will not be sufficient. You also need to store passwords securely, by using a password manager like KeePass.
2) You need a secure FTP (FTPS, SFTP)
FTP is a file transfer protocol - a protocol (almost as old as some of us who are in our 40's). Fillezilla (Client) is a program that resides on a PC and enables fast bulk transfer between the PC and server. For instance, when you use the FTP to transfer images to your server, you are sending your username and password and all unencrypted files over the internet. By doing this you risk someone intercepting your FTP password and then uploading what they want to your site, and doing what they want. To avoid such a scenario,a better option would be a Secured FTP (FTPS, SFTP). We recommend using program such as Filezilla (Client) and configuring it to use SFTP or FTPS protocol for your file transfer.
3) Install a Firewall and website monitoring tools
To limit access to your website, you need to install a firewall. Firewalls can block specific activities, IP addresses, services such as FTP ( that is unsecured) as well as specific countries from seing you. Monitoring tools give you informations on what's been happening on your site and report to you any suspicious activities.
4) Update on a regular basis
Popular platforms that are regularly under attack are WordPress, Joomla, Magento, osCommerce, and Zen Cart. These platforms are popular with hackers because they are popular with masses who are attracted to their open-source nature. Hackers will obviously be able to attack and reach more servers the more popular the platform. So you need to keep up to date with the latest versions to avoid being an easy target for hackers.
5)Encrypt your data
If you collect personal information and credit card details, you are responsible for securing this information. You can encrypt your pages via SSL (Secure Socket Layer) Certificate which gives web browsers the ability to build an encrypted (secure) connection. Once this is done, a padlock will appear in your browsers status bar, and secure pages will start with https as opposed to http.
So now that you have all this security information, is there any way your site can be hacked? Unfortunately, yes. Hackers, may find a way in,so here is the last tip :
6) Do Regular Back ups
Ensure that you back up your site on a regular basis (Best solution: “Do a backup every time you change or add something”), and that the back ups are off your server. So in the worst case scenario whereby a hacker gets through to your website, you will still be able to restore files and content.
So hackers really are a pain in the butt and website owners must constantly be on guard or risk there website going down and experience loss of business and business reputation.
If you would like to discuss any of these issues or need hep in securing your website, give us a call and we can help you out.
Have a great Monday, and enjoy your week!