Stop an intruder from hacking your site
Type ‘prevent my site from being hacked’ into Google and you’ll see roughly 5,790,000 results. Conversely, a quick search for ‘my site has been hacked’ reveals~nearly 9 times that number. While this doesn’t tell us how many people searched for these phrases (though Google Keyword could), it does tell us something about the human psyche. We’re more interested in articles on fixing the problem than in ones helping us prevent them in the first place. This also suggests we’re not doing enough to prevent hacks.
As the adage goes: prevention is better than cure and finding ways to~reduce your risk to hacking and viruses should be standard practice for businesses of every size and scale. These~measures (not all of which are time consuming or techy) not only help to prevent downtime and reputational damage, but also loss of business revenue. Alarmingly, 36% of small businesses were victims of cyber attacks in 2012 according to a recent report.
5 simple measures every business should take:
#1 Strong Passwords
We all know we should have a hard-to-crack password, but what actually does that mean? The best type of password has around 8 characters including a number and uppercase letter. For a web developer, the best way to protect user passwords is to employ salted password hashing. When using salted passwords the process of cracking a large number of passwords is slow as every guess has to be hashed separately for every salt + password.~ Crackstation has a useful guide on doing it right.
#2 Keep software up-to-date
It may sound obvious but keeping all software up-to-date is vital for a secure site. This includes both the operating system and any software running on the website. Expired software is frequently the target of hackers who look for security holes. If you are using SaaS hosting services, then you won’t have to worry about applying updates. They will take care of these for you. Many CMS such as Wordpress will make life easier for you by notifying you of system updates as soon as you log in. Checking back regularly is therefore essential to ensure your website remains up-to-date.
#3 Backup your data
This won’t so much protect you from a security risk but it will soften the blow if you are hacked. It is much easier to reload a website than rebuild it. Just make sure you keep an off-site copy. You don’t want to lose it in a fire, earthquake or other man-made or natural disaster.
#4 SSL
It is a good idea to use a security certificate (SSL) to protect data passed between a website and web server or database. This security protection helps to prevent hackers from accessing sensitive data or entering user accounts. An SSL Certificate also tells customers their personal data is safe.
#5~Firewall
Make sure you have a firewall set up and are blocking all non-essential ports. This prevents unauthorized access to or from your network. Messages that don’t meet the specified security critera are blocked.
#6 Error Uploads
If you have a login area to your website use a generic automated response for incorrect details. It is~better to say ‘incorrect user and/or password’ than allude to one or the other of them being correct. Informing the hacker of a correct password or user enables them to focus~on the one that’s wrong.
Making sure you’re the first to know if you’ve been hacked is important, and can significantly reduce the catastrophic fallout from such an event. Website monitoring services can help by remotely monitoring your website and sending email/SMS alerts if suspicious activity is detected.
Site24x7 offers free and paid global website, application and server monitoring to support business growth.