5 STEPS TO KEEPING YOUR SITE SECURE FROM HACKERS
By Michael Butler • 4/13/15 • Big Head Web Host
1. Keep Your Website Software Updated.
If you are using WordPress (or any other CMS), and it is not already using the stable current version, take a minute to update. Out-of-date software is the leading cause of infections. This includes your CMS version, plugins, themes, and any other extension type.
2. Change your Password at all Access Points including FTP, SFTP (or SSH), CPANEL.*
Choose a unique and STRONG password. What often defines a good password is built around three core components – Complex, Long and Unique. The argument most made when it comes to passwords is that it’s too difficult to remember multiple passwords. This is true. It’s also why Password Managers were created.
We cannot stress the importance of changing all passwords to include those not related to your CMS. Your website has various access points, attackers understand this and because of this they will often exploit multiple points of entry. At a minimum, be sure to update the password for all administrator accounts. We say all because often users will create more administrators than they require and will often update one, but forget about the rest. There really is no better time to clean than after a compromise, take advantage of this time.
3. Change your Database Password.*
If you are using a CMS (WordPress or any other) change your database password. Please be sure to update your configuration file – wp-config.php. This is not an automated process so you will need to know how to open those files and edit manually. If you’re not familiar with handling changes in your database and configuration files, contact your host.
*If you don’t know how to change your passwords (specified above), contact your hosting company for details.
4. Scan Your Personal Computer.
Run a virus scan on your personal desktop/laptop.
In a lot of cases we see that websites are compromised via local environments (notebooks, desktops, etc..). It’s why we always ask you take a minute to run an Anti-Virus product. If you’re OK with spending a little money, BitDefender is leading the pack in malware detection on MAC’s and PC’s. Other alternatives include Kaspersky for Windows and MAC, and Sophos and F-Secure for Windows. You can also try Avast, MSE, Spybot that are free alternatives and very good. Here is the bottom-line, it doesn’t matter how many times your site gets cleared, if your desktop is not clean, your site can get reinfected quite easily.
5. Install a Website Monitoring System like SmartALERTZ™
With SmartAlertz, a monitoring system is added to your website that alerts Big Head Hosting Technicians when hackers have added malware. When the alert is received, technicians immediately begin cleansing all of the coding within your website of any injections by a hacker.
Many times your site will not be down, but if the attack is extensive, you may have some downtime. Speed is of utmost importance to our technicians since your website serves as your 24/7 lifeline to your clients. If your site was also blacklisted by Google, Norton, etc., it will be unlisted. Additional info about SmartALERTZ™.