Site Security Tips
Recently the number of sites being hacked has risen dramatically. Many distraught site owners see their sites damaged, experiencing a loss in rankings, or even have data stolen.
Although most good hosting companies will protect their servers, it’s important to understand that you are responsible for your own site.
Before offering simple tips, it’s worth mentioning a few basics about the different kinds of hacks, their purpose and how they can affect you.
We won’t go into detail at this stage, but the number of exploits and the number of different types are mind-numbing. Some of the most common include: XSS, SQL Injections and defacing
Staying up to date is a full time job, but like most types of crime, being prepared and protecting yourself should give you a better chance of protection than no preparation at all.
That said, here’s a basic primer on protecting your site from being hacked when it’s on shared hosting.
Simple Security Tips
1. Keep Software Up to Date
If you are running old versions of software chances are it’s insecure, make sure you upgrade to the latest release. Most updates to software are security or functionality related, which means if you aren’t running the latest version you are likely to have missed a few security fixes.
2. 3rd Party Scripts and Code
Plugins, widgets or any other code (including free templates and themes) you install are written by other people under unknown circumstances. Some may be great, some may be full of holes. Be sure to research any code you want to use that you didn’t write yourself. Even a few Google searches should help you find out how secure the code you are using is.
3. Your Own Fault
One of the biggest causes of Identity theft and an easy way for someone to get details to your site(s). Your own computer is likely to be a weak link in the chain. Whether it be from poisoned powerpoint files or someone phishing your account details, the vulnerabilities are limitless. No matter how secure your site is, if the machine you access it from (including logging in and editing etc.) is not secure you stand a good risk of being compromised and it may affect more than just your site.
Use virus scans, clear histories, secure your passwords and be aware of general security issues (try not to let your shiny new MacBook air be stolen). Open and Public wifi spots are an obvious security risk. If you give everyone access to your PIN number for your bank account, expect to be robbed.
4. Secure Passwords
A secure password goes a long way to slowing down a potential infiltrator (real ‘hackers’ do not tend to be people that destroy sites, but ethically search for security holes in technology). Put simply passwords should always be a combination of letters and numbers, uppercase and lowercase. The longer the password, the better (though conversely the longer it is the harder it is to remember).
No dictionary words, no family names and no easily guess-able information either.
You can also generate a random password which is even more secure.
5. Checking Your Logs Regularly
Without watching who is visiting your site, what you are ranking for and similar you could be compromised and never even know it.
If you spot any unusual traffic (ranking for gambling, pharmaceuticals and sex terms is a common one) try working out where it is coming from / going to. From there if you are sure it is a hack you can get some quick help. (Send us a message, we’ll do what we can).
6. Outsource a Little Prevention
Using high quality software, a good coder (one who is security aware), hiring a professional security agency or using an automated method like the Firewall script or Hacker safe will help to reduce your risk. What you outsource depends on your needs (and resources of course). [Note: Clever Solution, LLC provides security maintenance as part of its service]
7. Backup, Backup, Backup and Then Backup Some More
While this tip won’t protect you from being hacked, it will be very beneficial to you should it happen.
Send copies of your backup to your gmail, and auto forward them to your yahoo mail. Download copies to tape, your MP3 player or Iphone, it doesn’t really matter. What does matter is that in the case of a hack there will be a couple of things you want.
a. Records of IPs accessing your site.
b. A clean (pre hack) backup of your site (hopefully, including the latest updates) [Note: Clever Solutions, LLC provides backups as part of its service]
Get Clever! Security and preventative protection is part of the service!