How to protect your website from hackers

Posted by Andrei on November 28, 2016 in How To's

These days, it’s vital to secure your website and make it as unbreakable as you can. We don’t know if you know this, but most of today’s website security breaches are attempts to use your server for sending spam emails, or to setup a temporary web server for files of an illegal nature.

That why, in this article we’ll be talking about simple ways to protect and secure your website.

Strong Passwords. This is one of the first things you should think for securing your website. Your password should be extremely hard to guess. So, don’t use passwords like “password123” or “mypassword”, avoid using personal and important dates or names of your family. Your website passwords should be at least eight characters’ long, with a mix of upper and lowercase letters, numbers and special characters, such as exclamation marks or percentage signs. If you have problem remembering your complicated passwords, you can use a storage app like Last Pass.

Limited access. Grant access to your website only to those who really need to have it. What can happen if you let too many people have access to your website CMS or BackOffice? First of all, they can change anything whenever they want. So, be sure to really trust the persons you grant full access to your website. And after they don’t need access anymore, don’t forget to delete their account or if they were using your account, just change your password. Second of all, more accounts you have, more ways for hackers to hack. So, if you have people writing articles for your blog, it’s great if you make sure that’s the only thing they can do. Finally, treat your login details as you would a PIN number. That means you have to be really careful where you write it down!

Update your software. We know most of you understand how important is keeping your software updated, but we still want to approach this issue again. The moment a programme or an app has a security flow, the software company that made it will release an update to solve the problem. But, if you forget or don’t make time to update your programme, then your website will still be vulnerable to that security problem. So, keep an eye on the latest versions releases of WordPress or other eCommerce package you use and update them as soon as possible. Also, don’t forget about your computer software, because many hackers use your computer to find out your website login details.

Use HTTPS. These days, HTTPS it’s a must-have for every kind of site, even if we’re talking about a non-eCommerce one. As you probably know, HTTPS is a protocol used to encrypt data that travels between your web server and the person accessing your website. And this makes it very difficult for a hacker to access sensitive data such as account details.

No phishing. Every day, thousands of phishing attacks are launched, so don’t think it can never happen to you. Phishing attacks are an illegitimate way to find out personal and financial information about you or your clients. They mostly occur via an email that you can easily spot if you know what to look for. Most of the time, these emails have very poor spelling and grammar and if you hover over any link in the email and it doesn’t match the link in your browser, then it’s a red flag. Also, you should know that reputable organisation will never ask for your personal information through an email. Finally, don’t download an attachment if it’s from someone you don’t know or you weren’t expecting it.

Use eXploit Scanner from ConfigServer. You should always use a software to protect your website from hackers in the same way an anti-virus programme makes your computer secure. And we recommend eXploit Scanner from ConfigServer, a tool that performs active scanning of files as they are uploaded to the server. This type of scanning can help prevent exploitation of an account by malware by deleting or moving suspicious files to quarantine before they become active.

Tags :  ,  ,  ,