Website Security Steps

Website Security

An important and essential topic of discussion with any website is website security.

There are so many ways that hackers can get to your site these days and even information on how to do so is easily accessible online. By taking the necessary precautions, you will save yourself the hassle of now will help prevent having to clean up a huge mess in the event that anything does happen.

Why should I worry about my website's security?

With the IT industry constantly changing, especially with Internet and security, it’s crucial to constantly keep your software, both on your hosting account and on your computer, updated. And don’t forget to maintain regular backups of your website. Lastly, you should also scan your computer for viruses and malware on a regular basis.

1. Backing up your account

This first step to take is to always backup your website on a regular basis or whenever you make any changes or additions. The control panel for your website, such as cPanel, should have an easy backup utility that you can use to backup your entire website, databases, email, and files.


2. Vulnerabilities in the software you run on your hosting account

The next step to take is to asses any vulnerabilities in the software that you run on your web hosting account and on your local computer. Hackers are usually successful through these vulnerabilities with the numerous techniques that can be used against them.

For instance, most software that users run on their website is Open Source, which is free software that’s available for anyone to download and use. Examples of such software are the commonly used WordPress and Joomla. However, since anyone can download and view the code for Open Source software, it makes it easier for hackers to find ways to compromise a website. Therefore, the authors of such applications regularly release updates and security patches. So it’s important to make sure that you’re running the most current versions of any third party software on your website since those are usually the most secure.

The following is a list of links, specifically for WordPress and Joomla, that point to the software’s own information about security:

WordPress
Wordpress.org – How to Keep WordPress Secure
http://wordpress.org/development/2009/09/keep-wordpress-secure/

WordPress.org – Hardening WordPress
http://codex.wordpress.org/Hardening_WordPress

WordPress.org – Upgrading WordPress
http://codex.wordpress.org/Upgrading_WordPress

Joomla
Joomla.org – Joomla Security Center
http://developer.joomla.org/security.html

The Joomla Security Center includes information about their latest security news, their latest security articles, and more information in general about the Joomla Security Strike Team.

Joomla.org – Upgrade Instructions
http://docs.joomla.org/Upgrade_Instructions


3. Vulnerable plugins

In addition to the actual software, it’s also important to keep any third party plugins / extensions on your website up-to-date as well. Here are a couple links for more information about this topic:

Joomla
Joomla.org – Vulnerable Extensions List
http://docs.joomla.org/Vulnerable_Extensions_List

WordPress
Wordpress.org – Hardening WordPress – Plugins
http://codex.wordpress.org/Hardening_WordPress#Plugins


4. Vulnerabilities in software that you run on your local computer

On the other hand of things, companies such as Microsoft and Adobe that provide software that you run on your local computer release updates also release updates on a regular basis. Here are links to information about security updates of major software titles:

Adobe
Adobe.com Security bulletins and advisories
http://www.adobe.com/support/security/
For example, Adobe offers many popular products, such as:
Adobe Reader – http://www.adobe.com/support/security/#readerwin
Adobe Dreamweaver – http://www.adobe.com/support/security/#dreamweaver
Adobe GoLive – http://www.adobe.com/support/security/#golive

Microsoft
Microsoft.com – Windows Update
http://windowsupdate.microsoft.com/
Microsoft provides Windows Update to help keep your copy of Windows and other Microsoft products up to date. Be sure that your version of Windows has installed the most up to date security patches available.

Apple
Apple.com – Apple security updates
http://support.apple.com/kb/HT1222
Apple is well known for the security and stability that their products come with, but even Apple has to releases security updates. Please see the link above for more information regarding Apple security updates.


5. Did you code and develop your website yourself?

Another security precaution to take is that if you coded your own website, it’s important to know common techniques that hackers use to help you take steps to making your own software secure. Here’s a list of links to articles on Wikipedia for more information on common hacking techniques:

SQL injection
http://en.wikipedia.org/wiki/Sql_injection

Code injection
http://en.wikipedia.org/wiki/Code_injection

Cross-site scripting (XSS)
http://en.wikipedia.org/wiki/Cross_Site_Scripting

Remote File Inclusion
http://en.wikipedia.org/wiki/Remote_File_Inclusion

 

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Website scan

Free website security scanhttp://sitecheck.sucuri.net/scanner/

Block an entire country from accessing your server

If you know you're never going to ship a product to China, Turkey or Iraq, for example, we...

Website Malware Scan

http://sitecheck.sucuri.net/scanner/

.htaccess to restrict people from accessing a directory

Here is an example of an .htaccess file that is used to restict access to a certain directory....

Virus scanner

TO SCAN YOUR ACCOUNT FOR MALICIOUS FILES:We highly recommend that you use the Virus Scanner tool...