Secure your site from hack attempts

It happened to The New York Times and the CIA, and many other prominent large scale sites. It even happened to our favourite mecca, the Joomla.org website! Vandals have attacked and defaced some of the world's most prominent sites, if you run a website built on interactive scripting languages or database driven platforms like CMS sites or Ecommerce platforms, don't let the next one be yours!

At the very least, an attack could disable or deface your web site and embarrass your company. At the very worst, an intruder could shut down your online store and make off with your customers' credit card numbers and personal data, leaving you to deal with a possible litigation claim against your company.

With the majority of our projects being based upon open-source framework, keeping the code updated and applying the available security patches is considered gospel to us, but for many it is considered to be trivial and users would rather take the risk, than part with a few notes in order to stay up to date with their site code.

This attitude is part of our human nature I think, .. I mean you may have house or car insurance.. but when was the last time you needed to use it for a claim?.. and think of the money you could save if you didn't have to renew every year? We all know smoking kills, and has done for years... but how come humans still suck on the tar sticks? We have seen it alot in the past 10 years... and take it from us, .. if your business relies on its website and if your site was hacked, you could be in for some major time and costs to try to put it back together again! With the right web development company at your side, regular site updates and security checks are worth the investment, compared to the fallout of a hacker gaining your whole database information, including customer data, content and settings.

Tips to help you stay safe:

  • Keep a complete backup of your web site. And keep it on a separate, secure computer rather than the same server. If a vandal does manage to destroy or deface your website, you'll be able to get a backup version up and running more quickly.
  • Monitor your system and web logs for suspicious activity. Unusual log file activity might be the first and only warning that an intruder is trying to break into your system.
  • Utilise strong passwords. As a rule, people shouldn't use dictionary words, names, or other personal data for their passwords — they're too easy for an intruder to guess. Try using a combination of letters and numbers, this may save you if a hacker tries to use a "Dictionary Attack" on your site logins.
  • Use a firewall to shield your network. This is perhaps the single most important step you can take to protect yourself against hackers. If you don't know what a firewall is, or if you don't know how to select and configure one, hire someone who does. Simply put, make sure your website is hosted with a legitimate hosting company who apply daily security checks and patches to the web server.
  • For any website running a software application such as a Content Management System, or e-commerce platform... make sure you are running the latest version of the software!

And lastly... if you are at all concerned about a hack attempt, or wish to be pro-active and get your site checked out by a professional, contact your web development company and ask them for a security check.