Tips To Prevent Your Site from Being Hacked

With shared hosting being so popular we thought we would make a blog post about how you can take proactive measures and prevent your website from being hacked. Each day hundreds of websites on the Internet are hacked and the owners of the websites are clueless as to why it happens. We want to educate users and help you to keep your website secure and safe.

Make a Strong Password for Cpanel and FTP

The easiest way hackers can get access to your website is by guessing your password. Keeping a strong password is crucial and is the first step in protecting your website. Use a password with Upper case and lower case, numbers and symbols or characters. The longer the password the better. Change your password every 3 months at minimal. Lastly if you give your programmer access to your control panel always change your password once they are done working. Passwords can easily be stolen if your computer is infected with a trojan or virus as well so have a current virus scanner and Trojan software. Personally I use: http://malwarebytes.org/mbam-download.php . The program is free and looks for Malware/Trojans. I recommend running it once a month.

Keep Your Software/Scripts Up To Date

Installing a script such as Wordpress or Joomla and then leaving it to run itself is a sure way to invite hackers. Having a website on the Internet requires maintenance and up-keeping. You should ALWAYS check your software or script provider for updates, patches or new versions. When software is released not only are there new features but security is always tightened and bugs are also fixed. Making sure your script is up to date is critical is maintaining a safe website.
If you run a CMS or forum be sure to avoid too many random plugins. Plugins are a very easy way for hackers to attack as they are not verified by the original script provider in most cases. Use them at your own risk.

Blaming Others or Your Host


Okay so you got hacked and now submit a ticket to your web host and they give you advice but do not fix the hacked website. Well, being in the industry for so many years I wanted to get this point straight. Web Hosting companies are not responsible for your website getting hacked. You are responsible for keeping your password secure and your website safe. You must understand that you may not know what to do when you get hacked but the best method is doing some research. Do not expect your web host to clean your website. Your web host provides space and bandwidth. When your site is hacked it means you had some form of a vulnerability in your script or your password was leaked somehow. Being proactive is the best way to have a safe website on the Internet.


Keep Your PC Clean and Virus Free


As I previously mentioned keeping your local PC secure is crucial. A high percentage of hackers gain access to your website by placing a trojan, virus or key logger on your computer. I cannot stress enough on how important it is to keep your computer secure and safe. Use a good virus scanner and keep it up to date. Also keep a trojan scanner on your computer. Maintaining a clean PC is good practice as one of the most popular iFrame Hacks comes from an infected PC.

Backup your website!

I cannot stress this enough. Backing up your website is a must. You should always have a current copy of your website on your computer. I have seen too many people lose files or even there own website because they did not have a website backup. Your web host is NOT a backup provider so do not expect them to save you in case of a disaster. Always, always, always have a full site backup.

You can go inside the cPanel and click on the Backup Wizard icon to generate a full backup of all of your files and databases. This is the safest way to make a backup. After the backup is done you will get an email and then can download the backup to your computer. Do not keep the backup on your web hosts server as that would not be logical. As you read this, login to your cPanel and make a backup

Keep the files on your PC or a USB Key or External Hard Drive, it can save you from a major headache. No one expects you to read all the tech new and virus info. With the search engines at your finger tips you can find a vast amount of valuable information and tip on how to have a safe home for your website on the Internet. Just check your script providers forums, read some articles and general knowledge of what youre doing can be very beneficial.

Secure Your File and Folder Permissions (CHMOD)

Many scripts these day require you to set 777 permissions on files and or folder. This is NOT safe in any way and we highly recommend you do not do that. 777 allows users to read/write/execute meaning they have full access to that folder and file. To remedy this always use 755 or 644 permissions. Your script should still operate without any issues at all. This is a very important piece of advice in my mind and I highly recommend you check your website and use 755 or 644 file and folder permissions to keep secure.

No one can guarantee that there website is hacker free however being proactive and knowledgeable can go a long way!

  • 10 Users Found This Useful
Was this answer helpful?

Related Articles

I get "503 Service Unavailable" error message on my website

It is possible your 503 error is caused by too many processes in your website. Generally, this is...

Why I can not access my cPanel?

Please check if port 2082 is open or not. Go to http://www.canyouseeme.org to check if you are...

Why I can not access my WHM?

Please check if port 2086 is open or not. Go to http://www.canyouseeme.org to check if you are...

Why can't I log into my cPanel, WHM, or webmail?

Most networks have a firewall setup to block access to the ports required for cPanel, WHM, and...

Why can't I access my website?

If a website cannot be accessed, it can be happen because of various reasons. You need to...