Have you ever encountered that sinking feeling like no other when you discover that hackers have permeated your web hosting, and you feel totally helpless to do anything about it? It’s no fun, I can tell you. Not only that, the fix is often very cumbersome, time-consuming and sometimes expensive.
That’s when you go around scratching your head wondering how you could’ve been so silly as to not lock things down better. Don’t be so hard on yourself; it can happen to anyone, but there are several ways to make it a great deal harder for hackers to gain entry, and wreak their particular brand of havoc. Let’s see what those are.
Check Your File Permissions – This controls the accessibility of files on your site’s database. If the permissions are too lax, say 777 all around, (which gives the user total ability to do what they want) then you are likely very much at risk. This often occurs when you (or someone you task) has been changing and editing web pages, and simply neglects to return the settings to a safe place. The settings 755 for folders, and 644 for files are usually enough to allow your site to function properly and yet be secure.
Use Secure FTP – Known as FTPS, this performs all your site’s FTP transactions through your site’s shared socket layer, (SSL) giving you an extra layer of encryption.
Change Passwords Frequently – Despite constant entreaties against the practice, many site owners insist on using the same passwords for everything, and hardly ever change them. They also do not opt for the most unguessable passwords they can come up with. All of this leads to a scenario where their site isn’t nearly as protected as they might think. Not to mention that hardly a day goes by when there isn’t a story about someone else’s security being breached, and thousands of usernames and passwords being compromised. That alone should be food for thought! You don’t even have to be at fault! Change often, and don’t use sitewide login credentials. Have separate logins for your control panels, databases, email and FTP. Better safe than sorry!
Keep Your Operating System and Applications Up To Date! - One of the best favors you can do for your site is to make sure all updates have been installed. Nothing screams vulnerable like an OS that is two updates behind, and hackers purr when presented with such easy pickings!
Same Goes For Web APPs – This is especially true for blog installations like Wordpress and Drupal. Half the reason new versions come out is to address flaws and vulnerabilities in the previous versions. Don’t compound things by neglecting to update your blog because it’s inconvenient. It’s a lot more inconvenient to restore a hacked site!
Making sure you create a secure environment goes a long way toward keeping your site safe from hackers. Nothing is forever or 100%, but using these best practices will usually send the bad guys in search of greener pastures!
related intac articles
