If you haven’t already started thinking about the security of your website, now is the time to begin. With malware and website attacks in the rise, you don’t want to be left without a backup plan in case everything goes wrong. This is especially important if you do business or eCommerce online, but even if you only have a simple informational website, your reputation can easily be harmed if you aren’t careful.
For eCommerce sites, if your site is hacked someone might gain access to the personal information of your clients, such as credit card numbers, bank account information and other personal information. Information about your business might be compromised as well. Do you realize how easy hackers can breach your website security if it is not well protected? In 2009 for example, hackers broke into the database of Virginia Health Professions, deleted more than eight million patients from the site and in place of the homepage,demanded a ransom of $10 million to have the records returned.
Here are some simple steps about how you can guard against website security breaches.
Use Strong Passwords
Often websites are not secure because strong passwords are not used. And many email accounts have been hacked because of weak passwords. Even members of the Bush family have been hacked, including e-mails sent by former United States Presidents, George H.W. Bush and son, George W. Bush. The only things in the e-mails were apparently family discussions and pictures, but the incident shows how weak passwords can hurt former presidents, ordinary people and businesses.
Also, the large-scale WordPress attacks earlier this year were simply a distributed brute-force attack which attempted to guess weak passwords in order to compromise and gain access to websites.
Here are some pointers on picking a strong password.
- Avoid common passwords, such as 123456, password, etc.
- Avoid short passwords, pick passwords of eight or more characters
- Don’t use complete dictionary words
- Use different passwords on different accounts, so if one is compromised the others aren’t.
- Use passwords with both upper and lower case letters as well as numbers. Add special characters such as hyphens, and underscores and more.
- Don’t use your username in a password
- Don’t use something that can be easily guessed by someone who knows you, like the name of a spouse, child, pet or favorite sports team
- Change passwords often
Use a Security Service You Can Trust
A security service you trust can protect you from threats like denial of service attacks, spam and excessive bot crawling (such as the WordPress Brute Force attack). It will show what country an attack is from and you can learn about attacks to your site quickly. A service like CloudFlare will block the attack for not only your site, but will help the whole community. If you have a Shared Web Hosting account with myhosting.com, you can activate CloudFlare for free in just a few mouse clicks.
What to Do If Your Site is Attacked
If attacked, how do you get rid of malware, viruses or anything which can ruin your site and your business? A service like StopTheHacker from myhosting.com can perform vulnerability scanning and clean up your site automatically if something goes wrong. It can also provide scanning services to check your reputation in online blacklists and warn you of any changes. It’s important to make sure your reputation is in good standing, or you may find yourself losing your ranking in the search engines.
Keep a Backup
Above everything, you should always try to keep a recent backup of your website – whether offline backup or one using one of our available backup options. If data is lost or you website is defaced, having a recent backup will allow you to recover without missing a beat. You can always try our Website Restore solution for your shared web hosting account, or for our VPS Hosting backups you can try one of our manual or automated backup tools.
Don’t leave website security as an afterthought. Make sure that hackers won’t attack your website by filling security holes and vulnerabilities. And if you take the right precautions with a trusted hosting provider, you can make your site more secure and rend