How To Prevent Your Website From Being Hacked?
Published: August 1, 2012
Author: Kes Agnew
There are many things that one should keep in mind to prevent websites from being hacked.
- Keep your website scripts up to date; running old versions of software may lead to vulnerabilities which will cause your website to be insecure.
- All data input on a website such as contact forms or data based driven pages must be sanitized to prevent SQL injection attacks. There are commands to “sanitize data” that basically ensures that the data that is there is the data that is suppose to be there.
- Secure hosting and ftp passwords. Passwords should be at least 10 digits long and contain random numbers, capitals and non-capital letters. If hackers are able to crack your password, they will be able to change things and put viruses on your site.
- Limit who has access to hosting, Site admin & ftp. It is best to only limit access to yourself, however if necessary, allow only one or two other people access.
- Limit the number of CMS add-ons or plug-ins that you install. Only install plug-ins that are absolutely needed because every plug-in has its vulnerabilities.
- Be cautious when installing third-party programs and scripts. Read through the code and look for unusual signs like third-party URLs and special characters.
- Check your access logs regularly and watch for abnormal traffic on your site. If people (who are outside your usual customer range), are paying a visit to your website, they are most likely there to hack you. For instance, if a website advertising a cottage in Canada receives new and frequent hits from India, the website owner should be concerned. The reasoning is clear; why would someone from India be interested in renting a cottage in Canada?
- For people who put email addresses on their site, make sure to store your email in a proper format (eg. MySQL Database). This is an easy way to avoid spam emails sent from spammers.
- Find website security software that does more than just scan for viruses. Use one that can lock your site down and defend against hacker attacks.