How do I secure my site? Print

  • 6829

These are some of the things we recommend you do to help secure your website.


1) Keep software/scripts up to date. You need to regularly monitor the web sites of the developers of any scripts you use. Watch for security and bug fix patches and smaller point (0.0.x) releases. You should not wait to install these. Do so as soon as you can. Hackers look for slightly outdated versions with a confirmed security flaw and try to exploit it, often on the same day a new release is out or sometimes even earlier than that.


2) Use secure passwords. We already implement password policies that require you to use a password of a certain strength, however, make sure that your password is stored securely, putting passwords on your desktop or in fact anywhere on your computer is a bad idea. Physically writing your passwords down is the best way forward.


3) Make sure your files are using the correct CHMOD Permissions. CHMOD File Permissions assign a specific value to every file/folder on your server, which allows different levels of access. CHMOD Permission range from 000 (No access) to 777 (Full access), you must decide which files get what permissions, but be warned that some third party software requires higher permissions to operate properly. You need to balance out features with security and make an informed decision.


4) Don’t use Generic Usernames. Using common words for usernames such as admin, administrator or Site Owner can cause many implications because you are simply making the job of the hacker’s a lot easier.


6) Don’t place files or directories into your site’s web root (public_html) if you aren’t actively using them. Remove old files and directories as soon as you are finished with them. A lot of people make the mistake of leaving old scripts, files, and directories in place after their site no longer needs those items. Hackers, scammers, and spammers may be able to use this old or forgotten content to compromise your site. However, they cannot exploit these things if they aren’t hosted on your site anymore.


7) Remove old accounts. Any Email Accounts, Databases, FTP Accounts, etc. should be removed once you are done with them. Why leave one more account at risk of being compromised if it isn't being used anymore?

Hopefully those tips above should give you a hand on what to do from now onwards to prevent your website being hacked.

Was this answer helpful?

« Back

We've worked with 25,506 customers in 143 countries - come & join us!
Dr Robert James June 16, 2024
"Server is very fast"

I got a VPS from Ethernet Servers and everything about their service i s good. The server is very fast, 24 hr customer support, prompt trouble shooting at back end. Pricing is reasonable. I would love to avail of their services for a long time. :) Thank You. Dr Robert James

Daniel Imray June 7, 2024
"Very good choice"

Amazing so far, everything seemed to work great when I put my first si te up, when I had some minor queries I got very quick responses to support requests. I'm very glad I found Ethernet Servers, as I didn't have a clue what hosting site to use, or how they work, but this seems to be a very good choice.

mahdi khoramnejad May 19, 2024
"Best support"

They have the best support. It's really great.

OR.S May 10, 2024
"Highly recommended"

Excellent host. Prompt replies in good, clear English, easy migration from HG, good speed, all necessary info provided on sign up (ftp, logins etc) error free. Highly recommended

Ethernet Servers Ltd
124 City Road
United Kingdom

Registered Limited Company: #09114946

+44 330 043 1258


Copyright © 2014 - 2024 - Ethernet Servers Ltd - All Rights Reserved.

Proudly serving customers in 143 countries since July 2014!