It’s an unfortunate fact of life that if you own or run a website, at some point in time, you’re going to be faced with someone trying to break into your site. It’s actually more common that you think, as it’s relatively easy for someone to launch a bot that just trawls the internet looking for a vulnerability. So when I came across a blog about called Three Simple Things For Protecting Your Site, I thought I’d replicate them here to spread the word.
- Update your applications and scripts: Most hacks out there make use of a vulnerability that has been discovered in software you’re running on your web server. Suppliers and development communities are quick to release patches that solve these vulnerabilities, but if you don’t update your software, you’re going to remain exposed.
- Create strong passwords: Another common route to gaining access to your site is guessing one of your passwords. Make sure you always use a strong password, and for heaven’s sake, don’t use the default password that ships with any product you’re installing.
- Mask your folders: Most webservers are configured in such a way that if they don’t find a “default document” in a folder, they’ll just show the list of files in that folder. Make sure each folder on your server has an “index.html” file or whatever default document your server uses, to help you mask the contents.
I got the tips from Web Hosting Geeks blog, a website that reviews hosting companies and helps you find the best web hosting in the category you’re looking. Now, I’m not saying that if you follow the steps above you’ll never get hacked, but you’re significantly reducing the odds by making sure the more common entry points are secured.