Tips to prevent hacking
Hacking, nowadays, has become very common. It can occur in a number of ways. Be it your computer or your website, nothing is secure. Hackers have been around for too long, to hack your computer and steal your personal information. Your blog or website can be compromised if a hacker obtains your password. Your email can be hacked if you click on a fraudulent link and you may not be able to retrieve your email and other information you’ve registered in your account. So in today’s post I’ll tell you some important and noteful tips to prevent hacking and safeguarding your website/blog.
1. Use Strong Passwords-
This is the number one technique you could possibly implement. Hackers are experts at programming computers to scan through huge amounts of data very quickly. That’s the reason longer passwords are more secure; the number of possible combinations grows exponentially with every extra character added.
Hackers employ a technique called “dictionary attack” where they repeatedly try username and password combinations by running through hundreds of common words, phrases, numbers and combination them till they get lucky. It’s important you use random strings like “@ar@v07!” instead of “aarav07″.
2. Updated Security Patches-
If your web hosting provider hasn’t already done so, you should check that all the latest security patches for various aspects of the service are properly installed. As you might know, WordPress (self-hosted) is one of the most popular Content Management Systems out there on the market.
It is used by millions- so it’s not surprising to see many hackers working day/night trying to hack it. Updates and patches are regularly released, so keep an eye out for all your plug-ins/core files.
3. Securing your Ports-
To put in simple words, a “PORT” is used to access data from outside the server. It also utilized to transfer data both ways, into the server and also outgoing. Most of this activity is behind closed doors and happens automatically, and only trained professionals tend to play around with such details.
Nevertheless, ports are constantly opened & closed for easy-access, for programs such as a FTP (File Transfer Protocol). This can be favorable for any hackers attempting to access your sensitive files, so make sure any unwanted ports are ‘properly closed.’
4. Don’t use Generic Usernames-
Using common words for usernames such as “admin”, “administrator” or “Site Owner” can cause many implications because you are simply making the job of the hacker’s a lot easier. By using such common words for your username, you are incredibly increasing the success rate of the hacker by at least a few points of a percentage, which is consider a lot where only one answer can be right from an unlimited range of combinations.
5. Make sure your files are using the correct CHMOD Permissions-
HMOD File Permissions assign a specific value to every file/folder on your server, which allows different levels of access.
CHMOD Permission range from 000 (No access) to 777 (Full access), you must decide which files get what permissions, but be warned that some third party software require higher permissions to operate properly. You need to balance out features with security and make an informed decision.
Using a FTP you can change the permissions given to each file/folder on your server. This is vital to ensure any unauthorized access to your content is comprehensively denied.
Note – Make sure your CHMOD settings work with your current web-hosts. Some hosts prevent ’777′ for security reasons.
6. Prevent illegal farmers’ from “harvesting” your lists-
Hacking techniques are used to “harvest” email addresses, which are then used by spammers and other hackers for malicious activities. If you are storing email data on your website, for what-ever required reason, make sure it’s stored in a secure format, such as a MySQL Database.
Most top-CMS such as WordPress and Joomla make this compulsory but there’s many self written CMS’s too. If your script simply writes data to a text called “emails.txt” it won’t be long before someone sniffs it out.
7. Clear the Cookies-
Personally, I use a lot of public computers to blog and do other online activities, maybe because it’s convenient or my unreliable ISP crashed on my once more. Inevitable there’s many, many webmasters like me that use public services for either a quick access or regular work.
Just don’t forget to clear out the cookies and cache before you leave! Even if the service provider claims “no tracking of privacy” or anything along those lines, a quick clean before you leave wouldn’t hurt anyone.
8. Avoid Scam/Spammy Websites-
In a desperate attempt to get visitors you might consider try extensive viral marketing and other means of gaining the attention, this may cause a few people in the wrong community to raise a few eyebrows.
The last thing you need as a settled web-master is to cause a stir amongst the wrong people. Stay away from websites and especially forums that offer “information” or “get traffic quick” that uses illegal spam lists and such.
9. Unsolicited Installation of Scripts-
It can be dangerous to install third-party scripts and programs on your website unless you understand what they are actually doing. Even if you don’t fully understand the programming, you can read through the code and look for tell-tale signs such as references to third-party URLS.
You can also visit community forums such as SitePoint and DigitalPoint to ask around for better advice.
10. Comment Attacks-
Comments are one of most prized features for blogs, and helps create a great relationship between the author and the reader, and also between readers in the wider community. It would also be easy for someone to insert HTML code that causes trouble.
You need to “validate” the form input before it’s accepted, to strip out all but the most basic HTML tags, for example and also if you’re using WordPress – you can utilize the “Keyword Filter” to block out any harsh words that might raise an issue or two.
11. Backup your data frequently-
Taking regular backups of your website is one of the best ways to prevent hacking of your website. It is really very important. If your using WordPress, there’s a plugin that emails you backups every day/week/month depending on your preference.
12. A mandatory step to be taken- Make sure your “.htaccess” and “.htpasswrd” is properly formatted with the secure CHMOD of 644. This is important and adds the best out-layer of protection for you and your visitors.
Follow the above steps and prevent hacking of your website/blog. In order to setup your online community you need to make it a point that your site is secure. These tips will surely help you in doing so.