Few months back, we had a hard time in getting SloDive out of the clutches of hackers who most probably hacked our website just for “fun”, but we the victims and the readers had to suffer in regard to content and mental peace. It was then, we realized how important it is to increase Website Security and regularly update it without any fail. Don’t wait for hackers to do their job first because although you will learn a lesson for life, but sometimes you are left with nothing.
You loose your readers trust (as they get Malware warning from your site), your sponsors, your hard earn money (in getting back the stuff) and sometimes even the last letter of your entire data. It is always better to be safe than sorry, so we have come up with some important measures you should take at once to tighten your Website security and review it periodically.
If you like this article, you might be interested in some of our other articles on Top Free CMS, Top Things To Know About Hosting Security, The Risks Of Hosting, and Create Personal WordPress Login Page To Strengthen Your WordPress.
Obscure your Configuration Files
Don’t challenge and encourage Hackers to show their skills and expertise by keeping these important files in ‘public_html’ folder as this folder is visible on internet. Also keep these files password protected. Block the wp directories from search engines to hide your installations. Add Disallow: /wp-* string to your robots.txt files.
Fixing Writable Permissions
As the general rule, Website Files should be set at 644 and Folders to 755. This can be done through FTP client or manually through Control Panel > File Manager > Select File > Change Permissions.
Use a secure network to connect to your account
While it is a simple measure but very important aspect for ensuring your Website Security. Your wireless connection should have a WPA or WEP encryption. Try not to use shared networking.
Check for any Malicious or Suspicious Files
Although you will find many unacquainted names of the PHP application generated files but you should still lookout for any name sounding too malicious.
Strengthen Database Security
When you are running Multiple Websites, it become all the more important to strengthen your Database Security. When installing WordPress, keep Separate Database Management for each blog.
Limited Website Access
Look for any possible entry from where hackers can overpower your Website.
Security Plugins for WordPress
There are some very good plugins you can install in WordPress to enhance your Website Security. Some of these Plugins are mentioned below:
Moreover keep updating plugins to the latest versions and if you find it extremely useful, you can also go for a Pro Version.
Report Security Issues at Once
Report any security related issue to the help desk without waiting much. Its better to ask than presume things.
Update all Scripts and Applications
Whenever you get an notification regarding latest version of the Scripts or Applications you use, you should update it immediately without any delay.
Invest in a good Anti-Virus/ Spyware
All other security measures mentioned till now will be futile unless you make your Computer safe and secure for use. Don’t compromise on security by installing a “cracked Version” of antivirus. Recently one of my friend installed such “cracked version” in Kaspersky and the first message he got after installation was regarding detection of a Malware software on his computer which was the software he used to generate an activation code for the antivirus.
Free Anti-Virus Applications
There are few free applications that you can install to shoo away any Malware or Viruses. You can try and test some of these Free apps although free or Trial versions are not equipped with full features.
- PC Tools Anti-Virus
- Ad-Aware Anti-Malware
- ClamXav (For MAC)
- Malwarebytes Anti-Malware
- PC Tools iAntiVirus (For MAC)
- Panda Cloud Antivirus
Whether it is your server or the Network, be extra careful to use only the trusted ones. A little casualness can cause huge losses.
Get rid of Spam with High Registration Security
In Registration Spam, fake users accounts are created on blogs as possible to add the links and text they wish to for their dazed SEO campaigns. To prevent this, go for High Registration Security. You should get rid of comment spam by installing a Comment Antispam system like Akismet or SABRE Plugin.
Hosting and Domains
Always use affiliate credit to buy or renew hosting and domains. You can read our previous articles on 4 Top Things To Know About Hosting Security and The Risks Of Hosting to know more in this regard.
Change your Password Periodically
Make it a habit to change your Login and Database Passwords Regularly. Go for strong passwords to make it difficult to guess. You can also try Automatic Password Generators to produce Long and Strong Passwords that are extremely hard to crack. Checkout some of these Password Generator Websites
Regular Data Backups
Back up your data regularly, including your MySQL databases so that you don’t have to remorse in case your site is hacked and everything deleted.
Secure Sockets Layer (SSL) Certificate
With increasing awareness among the netizens, E-commerce sites without SSL certificate are not considered safe anymore. Buyers don’t want to share their financial details on unsecured sites.
Do regular security checks and audits to ascertain any loophole left. You may even ask your friend with a knowledge of Ethical Hacking to check out for any possible entry points for cyberpunks.
Delete Unnecessary Database and applications
Your Account is not a trash can to keep every Unnecessary Database, Scripts and applications you had once installed but never used it.
Contact your Web Host instantly in case of Hacking
If your Website gets hacked due to some reason, contact your Web host immediately to avert any major loss. More the delay, more the chances of irrecoverable losses.