How Do We Prevent Our Website From Being Hacked
By Lucid Softech IT Solutions | Web Development, 03 Jun 2016Keep your website updated to the latest version:
As the version of particular CMSs becomes old that means its using the old programming ways and the hackers now know how to break that system, so it is always a better approach to keep your website to the latest version.
Change password regularly:
Keep changing you admin backend password on regular basis so that there is less possibility some of your old developer, partner etc. can access your site juts because the old password is still working. So make it a standard practice to changing your password.
Make Password strong enough so that it is hard to break:
There are tools which gives you ways to try various combination of usual standard password to access the website. So you must always use a tough password. The below are the examples of easy and tough password:
Easy password= admin123
Strong password= !w9WX]%@
Files upload Restriction:
There are various features on the site where we ask users to upload files to your site for example avtar, resume etc. No matter how well you have placed check in the file extension it’s been see to bypass the check. So it is better that the file name is changed at the time of upload to some random name. One method can be changing the file permission of the files. So that only specific uses can run executable files.
Other way is to upload files in a different folder out of root folder and call the images to the browser through script.
Setup Firewall:
Firewall setup will give a wall over your server/ website and will check all the date goes out or comes in the site. This is called Web application firewall. Firewall ensures hacking free site. It also makes your site safe from spammer and fake and spam traffic.
SSL Installation:
SSL insures that the data on your website is totally encrypted while its submitted to the database or its retrieved from the database. The data is only visible to the user with authority to view it.
Take Backup frequently:
Even after taking so many security measures if something bad happens then you can atleast restore the back up of you site if you have backup in place. So it is always advisable to have backup of your website on regular basis. Most of server companies offer backup facility on
Error Messages:
Login error messages should be short and precise and should not give much information about the access like you have part of it is correct as hackers can leverage this info to get the access.
Change Admin panel URL through code:
Now most of the CMSs give option to change admin URL from the standard URL to customized URL, this gives added security as user can’t directly go the standard URL of the website like
www.myexample.com/wp-login.php for WordPress or www.myexample.com/administrator for Joomla
Instead now in few CMS you can change the URL to:
www.myexample.com/businessname.php etc. So this is good approach to give added security.
I hope this post will give you fair idea of how to safeguard your website from hackers. For information like this keep visiting our blog page