How do I secure my site? Print

  • 55

These are some of the things we recommend you do to help secure your website.

 

1) Keep software/scripts up to date. You need to regularly monitor the web sites of the developers of any scripts you use. Watch for security and bug fix patches and smaller point (0.0.x) releases. You should not wait to install these. Do so as soon as you can. Hackers look for slightly outdated versions with a confirmed security flaw and try to exploit it, often on the same day a new release is out or sometimes even earlier than that.

 

2) Use secure passwords. We already implement password policies that require you to use a password of a certain strength, however, make sure that your password is stored securely, putting passwords on your desktop or in fact anywhere on your computer is a bad idea. Physically writing your passwords down is the best way forward.

 

3) Make sure your files are using the correct CHMOD Permissions. CHMOD File Permissions assign a specific value to every file/folder on your server, which allows different levels of access. CHMOD Permission range from 000 (No access) to 777 (Full access), you must decide which files get what permissions, but be warned that some third party software requires higher permissions to operate properly. You need to balance out features with security and make an informed decision.

 

4) Don’t use Generic Usernames. Using common words for usernames such as admin, administrator or Site Owner can cause many implications because you are simply making the job of the hacker’s a lot easier.

 

6) Don’t place files or directories into your site’s web root (public_html) if you aren’t actively using them. Remove old files and directories as soon as you are finished with them. A lot of people make the mistake of leaving old scripts, files, and directories in place after their site no longer needs those items. Hackers, scammers, and spammers may be able to use this old or forgotten content to compromise your site. However, they cannot exploit these things if they aren’t hosted on your site anymore.

 

7) Remove old accounts. Any Email Accounts, Databases, FTP Accounts, etc. should be removed once you are done with them. Why leave one more account at risk of being compromised if it isn't being used anymore?

Hopefully those tips above should give you a hand on what to do from now onwards to prevent your website being hacked.


Was this answer helpful?

« Back

We're trusted by amazing customers in 136 countries - come & join us!
Matthew Beausoleil February 4, 2024
Everything is working as expected

I was looking for a simple syncthing server and didn't need anything fancy. I found Ethernet servers on server hunter and chose them because of their low price and good reviews. I had access to my server within a few minutes. It was easy for me to change the ubuntu to Centos and everything is working as expected.

Sameed Sohani January 21, 2024
Great service overall thus far

Three reasons I decided to try out the service: I heard and subsequently saw that the prices were great, it is very hard to beat those unmanaged special offer prices. I heard that the service was reliable, so far so good. It's only been a week, but I hope that it will continue to be reliable as I use it more. I heard that the support is excellent, and I have to agree. Great service overall thus far.

ジエント January 12, 2024
The networks are top of the line

Great upload and download speeds, apt-get updating is a breeze. The only mishaps was on my end, ssh had some weird buffer lag (sometimes unresponsiveness) that has to do with my connection with my isp. Just make sure your connection stable and everything should work just fine. The networks are top of the line.

Atul Sharma Atul Sharma
Nothing but a joyful experience

Been with them for a week and the transition from old hosting to ethernetserver has been nothing but a joyful experience. Setting up new vps, networking is like a breeze. All set up by george and nothing to worry about really.


Ethernet Servers Ltd
124 City Road
London
EC1V 2NX
United Kingdom


Registered Limited Company: #09114946

Telephone:
+44 330 043 1258

Email:
sales@ethernetservers.com

Copyright © 2014 - 2024 - Ethernet Servers Ltd - All Rights Reserved.

Proudly serving customers in 136 countries since September 2013!