How to Prevent your Website from Being Hacked

Hackers and cyber criminals commonly target websites with vulnerabilities. If you’re using a weak password, third party applications that aren’t up to date, or old and un-updated anti-virus software, you are making your website vulnerable to vicious hacker attacks. Keeping your website secure against harmful intrusions and hacker attacks means more than installing traditional firewalls and intrusion detection systems. Being proactive and taking preventive measures is the best way to fight hacking and have a safe website on the Internet.

What most website owners don’t realize is that it only takes a few simple steps to ensure a higher level of security for their websites. None of these steps are hard to follow and do not require any special software or programming knowledge, but they are absolutely essential in helping you prevent your website from being hacked. These anti-hacking methods are general enough and can be applied to any size website, be it a large online store or a small informational website.

Implement basic security methods to protect your website from hackers

By implementing basic security methods you can significantly increase your chances of keeping your website safe and secure. While these methods can’t guarantee full protection from all hacker attacks, it will put you ahead of your competitors who do not have any website protection and security at all. Here are some things you need to know about protecting your website from being hacked:

  • Choose secure passwords. Protecting your admin panel password and FTP      account password is a matter of creating letter and number combinations that are not easy to guess. Always try to use the most difficult password possible. A secure password is at least 8 characters long and includes a mixture of letters, numbers, and special characters like punctuation. The more complex and obscure your password, the tougher it is for hackers to crack.
  • Keep your software up to date. If you are using old versions of blog/content management software, chances are it’s insecure. Make sure that the software you have installed such as WordPress, SMF, PhpBB, or any other software you installed on your own is updated to the latest version as updates become available. In some cases, you can subscribe to the software you installed to ensure you are notified immediately when security updates are released. For example, sign up for mailing lists that most major software vendors offer to release news announcements of new versions. Subscribe to an RSS feed or a forum board. Create a Google Alert and do whatever you need to do to update your website’s software to the latest stable version as soon as possible. If you are updating your home or office PC regularly, why should you not update your website’s software regularly too? Remember, software and web applications that aren’t up to date can cause your website to be easily compromised.
  • Use encrypted services. Consider using encrypted services over non-encrypted ones. This means replacing software such as FTP with software such as SFTP, a network protocol that provides secure and reliable file transfer and file management functionality. If you have a webmail application, host it on an SSL-enabled port and use SSL encryption for anything that requires a username and password. If you send emails from a remote machine to your server, make sure encrypted connections are configured within your mail server.
  • Use secure 3rd party scripts and add-ons. Think before uploading/installing widgets, plug-ins, and other modules onto your website. 3rd party scripts or any other code you install are written by unknown developers under unknown circumstances. Non-secure scripts and plug-ins cause approximately 70% of hacker attacks. Be sure to research any code you want to install that you didn’t write yourself.
  • Your hosting provider is not always to blame. Most website owners think that if their website gets hacked, it’s because their web hosting provider isn’t doing their job right. But the truth is, it could very well be your own fault. Although most web hosting companies will protect their servers and your website to some degree, it’s important to realize that the content in your account is up you. When you get hacked it means you had some form of vulnerability in your site. As a website owner you are responsible for keeping your password secure and your scripts bug-free. You must safeguard your data with routine maintenance and awareness of the protection that is available to you through your web hosting provider. Using virus scans, securing your passwords, clearing browser history, and being aware of general protection and security issues is the best way to prevent your website from being hacked.
  • Make your own backups. Back up all your data regularly. Don’t rely on your web host to keep a backup for you. Make backups of your website and save them on an external hard drive or download copies to tape, MP3 player, or Iphone. Never let your website visitors see that you got hacked. Just change the server or password and use your backup to get your website up and running again.
  • Choose a reliable web hosting company. The best line of defense against a potential hack attack on your website is to make sure you have a reliable web hosting provider. At GlowHost we take your security very seriously. We provide reliable hosting solutions and excellent customer service and do our best to help protect your websites from being hacked. All servers at GlowHost are highly protected using mod security and a customized PHP version that has been hardened against the most common exploits found in PHP. In addition, we offer hardware and software firewalls and the latest stable versions of server software like Apache and PHP. With GlowHost you can enjoy enhanced security and the highest level of protection for your website.

This is not an exhaustive list of the steps you can take to prevent your website from being hacked. And even though hacking will never stop, by following the above steps and taking precautions to secure your website, you can greatly decrease the risk of being hacked. It also never hurts to hire experienced web hosting consultants to see what other options may exist for hardening your server and securing your website. If you need a competent admin to help you with your website security issues, GlowHost has a team of highly-trained technicians ready to help you secure your website.

A final consideration is to sign up with a motoring and repair service like Sucuri. Sucuri is a fantastic service that will alert you to any new compromises that have been detected on your web site, they will repair your web site, and then they will report to blocklists like google to inform them that the site has been repaired. The service price is reasonable, the value is terrific, and their tools work well.

Current GlowHost customers can take advantage of discounted Sucuri pricing by visiting our Web Site Insurance offer and signing up for the service directly.

If you think your website may have been hacked, contact GlowHost anytime to let us know. Visit www.glowhost.com today to learn how we can help you protect your website from being hacked.