May 23, 2016 7:22 AM / by Joshua Ballard
Below you will find some very simple, yet very effective ways that you can help minimize the chances of being hacked again in the future.
Maintain Vigilance Over Passwords
It is important to be very sure about how many people, and who, have access to your website and server at any one time.
You want to limit the amount of people that have FTP and Cpanel access to as few as possible.
You will also want to assess how mnay people have access to your CMS at any one given time.
Making sure that as employees, contributors and contractors leave, that their credentials are also revoked at the same time.
Protect Yourself Against Brute Force Access Attempts
You can download plugins or additional software that will help limit the amount of times someone can attept to enter a password into a login page before it stops letting them try at all.
Another good option for helping to remove the chances of a brute force attack is to make your admin login page less obvious. A vast majority of websites use domain.com/admin as the primary entry portal for an use to sign in.
You may want to consider placing your login screen on a different, less obvious page.
Keep Third Party Plugins and Software Updated
Quite frequently the reason that there is an update on a certain plugin is actually the fact that a security vulnerability has been discovered and consequently patched.
Likewise, always running the most updated software for your server, website, CMS, Operating System and Computer will all help add to the security of your website.
SSL Will Not Prevent Your Site Being Hacked
It is actually quite alarming how many people on the internet are publishing articles which claim that implementing SSL will help prevent an attack.
For example, within a very high ranking website, I found this little piece of advice:
This is blatantly false.
HTTPS is a by product of having an SSL certificate for your domain.
An SSL certificate or Secure Sockets Layer, is a process of encrypting data that is being transferred between a server and a client. You can get a much deeper understanding of SSL and HTTPS with this guide from Paul Arneson.
This means that the data cannot be intercepted and subsequently understood.
It has literally nothing to do with preventing someone from hacking your website.
Consider Using Third Party Service Providers
Having web security professionals helping watch over your site can make all the difference. You may be surprised to know that having professional level software and service can start at only $15 a month or so.
You may be tempted to think that only a large company has the budget and need to actually invest in security, but this is not necessarily the case.
Topics: prevention of hacking