December 2, 2014

How To Protect Your Website From Hackers

By:

The following is adapted from an email sent out to all of our clients.

It is a reminder of some things you should be doing to protect yourself from malicious attacks.
Cyber-Security-Hacker
Often site owners are unaware that they have been hacked since the performance of their site is not effected at all. The goal of the hackers may be to send out spam through the server. In this case, they compromise the site, install malicious files and send messages out using the server’s resources. This may result in a server being blacklisted with mail being sent from that server unable to be delivered to their intended recipients. Other forms of spam may result in unwanted search listings under your domain such as:

yourdomain.com/cheap-propecia-online/
yourdomain.com/purchase-propecia-online/
yourdomain.com/brand-viagra-professional/
yourdomain.com/tor-cialis-australia/
yourdomain.com/approved-cialis-pharmacy/
yourdomain.com/us-pharmacy-viagra/
yourdomain.com/viagra-approved/
yourdomain.com/propecia-price/
yourdomain.com/viagra-preise/
yourdomain.com/overnight-cialis/
yourdomain.com/cheap-viagra/

While we (and hopefully other web hosts) are continually updating software to ensure that sites and email are safe, here are some things that YOU SHOULD DO:

1) Install and regularly run the following software on your computers and mobile devices:

For PCs you can download a free recommended program from https://www.malwarebytes.org/mwb-download/

For Macs you can download a free recommended program from http://download.cnet.com/Avast-Mac-Security-2015/3000-2239_4-75451160.html

2) Never share passwords. Each person should have a unique username and password. Change your passwords occasionally. Passwords should be at least 7 characters, the longer, the better. This is true for website access as well as email.

3) If you have a WordPress site, update WordPress and all the plugins on a regular basis. WordPress is updated almost every month and you need to keep your site’s software up-to-date or it is almost guaranteed your site will be compromised. To find out about WordPress updates, use this plugin to get notified about WordPress updates.

4) Sites get hacked. You should have a contingency plan. We back up our server daily, weekly and monthly, but don’t rely solely on your server to make backups. Backups should be both incremental and complete. They should be stored off-site. Make regular backups of your site. Most servers have a backup wizard as part of their control panel (CPanel, Plesk, etc.) which you can run with a click of a button and then download to your computer. Make sure you backup your website, databases, mail and any other files that are important.

For those of you with WordPress sites, there are numerous plugins which will allow you to backup your site from the WordPress dashboard. Here is a good comparison of backup plugins for WordPress.

One Response to “How To Protect Your Website From Hackers”

    A hint for passwords: use non-latin characters including foreign character sets, punctuation and spaces

Leave a Reply

  • (will not be published)