13 Aug

2009

SiteGround Website Security Tips

Needless to say, website security is a major concern for all people in the IT industry.  Indeed, web applications are constantly being improved and security is something all web developers pay special attention to. Alas, hackers are not slacking off either. When known security vulnerability is fixed, they either find another way to exploit it or discover a new one very quickly (or in the worst case, both).

And yet, despite the precautions and improvements, a lot of websites are still getting hacked. Why? The main reason is that many, not to say most, users seriously underestimate security as a whole – not only the security of their websites, but the security of their hosting accounts and even the security of their own computers.

And this is an ideal opportunity for hackers to “show off their skills”. The hackers keep their “software” up to date – new viruses are developed all the time. And while they keep their applications up to date, many users don’t. Once they install an application and start using it, users forget about upgrades and security fixes.

Keeping the above in mind, the next logical question is “What can I do to secure my website?”… Well, I’m glad you asked :)

Here are a few things you should always do to keep your website secure:
•    Make sure your local computer is safe. For this purpose use reliable updated antivirus software;
•    Update regularly your computer’s software including its base operating system and any third party software installed.
•    Make sure all of your web applications are up-to-date. This includes any modules, components and addons you have added and / or integrated;
•    Pick up strong passwords for the different services you use (email, FTP, etc). Never use one and the same passwords for your different online services.
•    Avoid having directories with permissions above 755. If your applications require such directories, try to put them outside your webroot (public_html) or place a .htaccess file in them containing “deny from all” to restrict public access to these files.
•    Always, and I mean always, back up your website. You should always have a proper backup so that even if someone hacks your site, you can restore its functionality immediately.

You can also check our basic security guidelines for more information on how to keep your website secure. Here are some other useful sites with lots of security tips: bestsecuritytips.com and stopbadware.org.

What do you do to protect your website and applications? We will be happy to hear your experience!

Author: Dima Peteva

Project Manager

Loves all-things Internet and checks RSS feeds first thing in the morning as an early dose of daily inspiration, then puts it all into work throughout the day. A project manager by title, a creative enthusiast at heart.

Comments (2):

  1. happy-dave88 says:

    Cool font! colour……Great post I think its a proble thats only getting worse, I own a uk based affliate website and recently took out website insurance i was getting the concrened! Now I sleep alot easier. I think to mnay people think its down to the ISP to handle.

  2. Noam says:

    an interesting article, not too technical explaining how to approach to securing company’s website and internal web applications http://bit.ly/4-Steps-to-Eliminate-Security-Vulnerability

Favorite Tweets

Facebook