10 ways to Secure your Website from Hackers
By Online Security Authority on Apr 22, 2009 in Thoughts on Security
Stop the Hack and Secure Your Website in 10 Best Methods
If you are a business owner, then you must know how important it is for you to have your own website. You can use it to be able to reach as many target customers as possible. After all, they are located in almost many parts of the world. You can display all your products and services in your website. But do you know that they can be a great area for hackers to play on? So how can you protect your website against hacking?
1. Protect your files with passwords. Surely, your website will contain scripts, database, and files that are not meant to be shared publicly but for perhaps the search engine bots. To avoid having anyone getting hold of them, it may be ideal to protect them with password. However, you have to make sure that these are very hard to decipher. This is because they can simply make use of a password-deciphering software. You can combine alphanumeric characters and exhaust all the character limits as much as possible.
2. Secure your e-mail address. There may be times when you will be receiving an e-mail address courtesy of your online business form. There are even others who will send a message directly into your mailbox. This may mean that spammers have got hold of your contact information perhaps in the Web or from someone else. To prevent this, you can make use of software that will split your e-mail address. It will then very hard for spamming software to read. You can also just add an E-mail Us link into your website or an image which can be clicked and allow your customers to send an e-mail right away. There’s no need to reveal the e-mail address.
3. Don’t leave e-mail addresses anywhere. Perhaps you’re thinking of marketing your website in forums and other public online networks. This is okay; however, you have to be very cautious. Hackers and spammers are very much interested of your e-mail address. You can make use of a bogus one, and simply add a link of your website in the signature.
4. Secure your source code. There are hackers who are interested in getting your source code to either destroy it or to build a website clone. That’s why it is very important that you can protect it against such individuals. You can make use of scripts that will allow your source code to remain hidden to Internet users. Or you can simply make use of external CSS sheets as well as files for Javascript.
5. Check for software patches. If you have been using some software in building or maintaining your website, make sure that you constantly update all of your files. This may be because the older ones can no longer protect your website from hackers and spammers.
6. Sign up for updates. Majority of the product and software updates may only be announced in their respective websites. This is to encourage their customers to continuously be up-to-date too of any new products that they are currently introducing into the market. To avoid the hassle, sign up using one secure e-mail address in all of their newsletters. If you receive any updates, make sure you take time in reading them.
7. Add a robot.txt. This is a special instruction you will give to search engines who may be visiting your webpages. You can instruct them to only index those files that are meant for users. You can also direct them to not index any that are only meant for webmasters. These may include files and images.
8. Check the permissions you may have set for your uploaded files. This is to prevent any hacker from getting access into your important and confidential files. You can confirm it by selecting CHMOD for your files located in the web hosting server. Otherwise, if you aren’t sure, then you can simply verify it from your webmaster.
9. Take away old or unnecessary files. It’s normal for search engines to keep files from your website, especially if they are being indexed. However, if you remove them from the server, then no one can access them anymore. It will not be obtainable for hackers and spammers.
10. Know your server. Your server is very essential as you basically keep all of your files there, and it will cause your website to run smoothly. Intruders, on the other hand, can add virus or malware into your system, thereby causing damage into your website. If you are running it on your own, you must know your server properly. This way, you can set the right security and permission level for your site.
For more great content, information and stories like this, please finishing reading The Rest of The Best 30 of the Top 10’s…
also Join Us, Monday LIVE @ 11:00 MST for:Your Online Security Authority 
Bill Wardell
Written by: OSAblogger / Bill Wardell - Please Read Our Latest OSA eZine Edition
Popularity: 57% [?]
OSA Related Posts- Partition Recovery from a Hard Drive with Encrypted File System
- 10 Tips to do Online Shopping Safely
- Websites and Intellectual Property, Patents, Trademarks, and Copyrights
- How To Protect Your Digital Downloads
- MySpace: How Do I Block It?
- 20 Minute Guide to Pc Security
- Identity theft and key logging main security threats for 2007
- Easy Migration from Lotus Notes to MS Outlook
- Computer Viruses that Come a Callin'
- How To Get People To Sign Up For Your E-mail List
- Self-Hosted Open Source Softwares
- Why You Should Launch A Membership Site
- Weakonomics Weekend Edition: Best of 2008
- How To Get To The To[ Of The Search Engines
- 100 of the Best Privacy Tools and Online Resources
- Bob Hope Stamp
- Attend 15th Annual Hacker Halted Information Security Event and Get a Free iPad
- Ranking No.1 In MSN In Just 7 Days - Guaranteed!
- Things to Have Removed from your Credit Report pt 2
8 Comment(s)
By Lifelock Protection on Oct 6, 2008 | Reply
“I review this site and getting good idea and view that written here, life lock is good industry taking good steps keep monitoring identity thieves and it always protect from wrong hands’ and taken full service . No one stop identity theft, but we almost completely cover it and its life lock guarantee. So we suggest visit this site hope you getting more knowledge.
Identity Theft Protection Lock.
By Michael Torner on Mar 11, 2009 | Reply
Finally something new for me to learn and I am already subscribed. You can contact me if you need to.
By simone on Apr 18, 2009 | Reply
Is a good article, today my website was hacked pff ,everytime the same
By Isaac Van Name on Apr 22, 2009 | Reply
I'm actually greatly disappointed in this article. The approach seemed to be one of trying to cover all the bases but, in reality, the information was much too vague or even narrow-focused to be of any real use to the average site owner.
Examples? Securing an email address should NEVER have two of the top spots on a "top 10 ways to secure your site" list. There are much more important considerations in securing your site and, frankly, if you get away with just having to deal with spam, you should consider yourself lucky.
"Secure your source code" is way too vague. Specifically, you're trying to protect your *client-side* code (i.e., Javascript). How would someone make the code "hidden"? They can't… not client-side code, that is; server-side code is hidden, if you choose to think of it that way. The best you can do with protecting your Javascript from theft is to use code obfuscation techniques. For all you nitpickers, I'm excluding server-side Javascript from this.
Software patches and updates? Don't assume that your audience is all building their site off of prebuilt packages like WordPress, Drupal, etc. Teach them how to secure *anything*. Mention the updates and all of that for the ones that are using prebuilts and, for the ones that aren't, mention the important types of attacks that they need to protect against! XSS, email header injection, code and SQL injections, directory traversal, etc. Talk about how to protect the site by educating people on how to do it, or at least what to look for.
The rest deserves no real mention. This needs more pertinent information, or it's just hurting the readers… not helping.
By OSAuthority on Apr 24, 2009 | Reply
Hi Isaac,
I am sorry you did not find this useful… but in defense of the content it was not intended to be a complete IT solution TOP 10 List, in fact I have been looking for a guest poster that could fulfill those requirements in those areas. In my experience we do really well with the things that focus on is family safety and easy to implement PC solutions and awareness for daily internet security… and would totally agree with you that what was needed to hit this with more of a harder edge and piratical list of solutions for website owners and that to be fully secure you need to take a much more aggressive approach and make stronger permanent solutions for IT Security!
So, now here is where you can be a great asset to our readers and also to much wider audience by putting together a very complete list and add to what you have already shared OSA readers and I will make it a featured post on our website, and highlight in our online magazine\\'s next issue with a background story of what you brought my attention…
I will be glad to do more as well if you would like to come on board as a contributing OSA staff writer and be a part of the OSA team I will put in the OSA editor you can create a bio box to point back to your sites, and see if we could be a benefit to each other?
Thanks again for comment,
Bill
By OSAuthority on Apr 24, 2009 | Reply
Hi Isaac,
I am sorry you did not find this useful… but in defense of the content it was not intended to be a complete IT solution TOP 10 List, in fact I have been looking for a guest poster that could fulfill those requirements in those areas. In my experience we do really well with the things that focus on is family safety and easy to implement PC solutions and awareness for daily internet security… and would totally agree with you that what was needed to hit this with more of a harder edge and piratical list of solutions for website owners and that to be fully secure you need to take a much more aggressive approach and make stronger permanent solutions for IT Security!
So, now here is where you can be a great asset to our readers and also to much wider audience by putting together a very complete list and add to what you have already shared OSA readers and I will make it a featured post on our website, and highlight in our online magazine\\'s next issue with a background story of what you brought my attention…
I will be glad to do more as well if you would like to come on board as a contributing OSA staff writer and be a part of the OSA team I will put in the OSA editor you can create a bio box to point back to your sites, and see if we could be a benefit to each other?
Thanks again for comment,
Bill
By OSAuthority on Apr 24, 2009 | Reply
Hi Isaac,
I am sorry you did not find this useful… but in defense of the content it was not intended to be a complete IT solution TOP 10 List, in fact I have been looking for a guest poster that could fulfill those requirements in those areas. In my experience we do really well with the things that focus on is family safety and easy to implement PC solutions and awareness for daily internet security… and would totally agree with you that what was needed to hit this with more of a harder edge and piratical list of solutions for website owners and that to be fully secure you need to take a much more aggressive approach and make stronger permanent solutions for IT Security!
So, now here is where you can be a great asset to our readers and also to much wider audience by putting together a very complete list and add to what you have already shared OSA readers and I will make it a featured post on our website, and highlight in our online magazine\\'s next issue with a background story of what you brought my attention…
I will be glad to do more as well if you would like to come on board as a contributing OSA staff writer and be a part of the OSA team I will put in the OSA editor you can create a bio box to point back to your sites, and see if we could be a benefit to each other?
Thanks again for comment,
Bill
By Brian on May 11, 2009 | Reply
Hi Bill,
There are so many ways that a web site or web server can be hacked nowdays, that it's getting really hard to provide a list of 'what to look out for'.
Also many site owners use a hosting service and don't have access to server settings and don't know what patches have been done.
The best solution is to use a Web Site Security Audit service.
A web site security audit will tell you if your web site is vulnerable to being hacked and why. Some security risks are due to the code of the site, some of it has to do with the server. A good audit will list all the problems that were found, give them a ranking (high risk to low risk0 and provide instruction as to how each can be resolved.
A site owner can run this kind of test any time they want, and this gives them some insight into how well they have coded their site and how carefluly their host has kept the server up to date.
There are many companies that do this (I work for one) and they can be found easily by searching 'vulnerability scanner' or 'web site security audit'.
Bill, if you would like some help on web security matters, I would be happy to help.
Thanks
Brian