Is your website vulnerable to hackers?

Written on 04 December, 2013 by Karen Lim-Sam
Categories Web Design & ContentTags hacked

Hackers, malware and automated hacking bots are everywhere on the Internet, and chances are they will run across your site at some point. Here are some tips to make your website more secure.

Password management

Never use dictionary words as a password. Automated systems trawl the web trying hundreds of thousands of words as passwords and will eventually find their way into your site. Use strong unique passwords and change them regularly.

Encrypted logins

Any login page or area where secure information is entered must be running under HTTPS. HTTPS will encrypt the web traffic to and from the server and prevent people from capturing your users login details and credit cards. If your login isn’t encrypted, you might as well not have one. Ask your host about HTTPS and SSL certificates if you don’t have this set up already.

Secure admin

Not only should your back-end be secured via HTTPS, but you should make a habit of using only secure channels to administer it, to avoid your passwords and private data being sniffed out by a hacker. Most FTP programs will have an option for Secure FTP (SFTP).

Backup

Ensure you have regular backups of the website code and database kept somewhere other than the server. If your site is hacked and taken down you can restore from a backup. But if that backup is kept on the server, it can be very difficult and time consuming to determine whether or not it has been tampered with, so restoring might present the hacker with an open back door.

Hack scanners

There are sites and services out there that will examine your website and seek out potential security holes. These are invaluable tools and will often identify issues you’d never thought of. A word of warning though – be sure to do your research before using one of these services – you don’t want to be handing a hacker your site details in the name of security.

Software updates

Ensure that whatever software you utilise is regularly updated with security patches. If you have control over the code of your site, hire a programmer to check for issues like SQL insertion or use an internet SQL insertion checking tool.

If you keep an eye on your site and make sure to follow these steps, you’ll be ahead of many businesses that don’t secure their websites. It only takes one hacker or malware infection to completely destroy your online business, so taking a little extra time to make it fully secure is always worthwhile.

Netregistry offers a range of website security to help protect your online business from such malware and unsuspecting spam.  You can contact us on (02) 9934 0501 to speak to someone about protecting your website, or visit our website for more information.