Editor’s note: This post was written by Rachel Gillevet, the technical writer for WiredTree, a leader in fully managed dedicated and vps hosting. Follow Rachel and WiredTree on Twitter, @wiredtree, Like them on Facebook and check out more of their articles on their web hosting blog, http://www.wiredtree.com/blog.
It’s the Internet version of petty vandalism – a hacker cracks into your site and wreaks havoc, defacing it beyond recognition. How can you protect yourself?
It’s the online equivalent of throwing a brick through a window or covering a wall with crude graffiti. Out of either boredom, malice, or spite, a hacker cracks into a website, at which point they go absolutely wild. They delete pages, replace images and copy, and generally just destroy every last shred of the original site.
In a world where their website is usually the first impression a brand makes on the end user, this can be almost catastrophic, resulting in a ton of lost revenue.
Thankfully, it’s fairly simple to prevent all but the most expert of attacks, provided you know what you’re doing. Truth be told, it’s all a matter of due diligence. So long as you take the necessary steps to protect your website, you should be fine.
Make Sure Your Passwords Are Secure – And Change Them Regularly
We’ll start things off simple: choose a secure password, and update it regularly. Ideally, you want to have more than a single password, as well; I’d recommend having one for each piece of software that requires login information. Of course, some of you are probably wondering how you could possibly accomplish this.
To that end, I’ve a few suggestions:
- String together a few random, unrelated words, and replace several characters in the phrase you dreamed up with numbers and symbols. Alternate between caps and lowercase. This should be between 8-10 characters long (or more).
- Use a password manager to keep things straight – there are quite a few decent ones online.
- Write your passwords down in a safe place: somewhere that only you have access to.
Install Security Software
Although your web host might offer some security for your site, it’ll usually fall to you to keep your frontend safe. In order to do so, you’re going to need to install a few things – antivirus software, anti-spam, firewalls; you get the idea. If you’re going to keep your site safe from cyber-crime, you can’t do things in half measures.
Keep Everything Up To Date
Developers don’t just release regular updates to their software because they want to add a few cool new features. More often than not, an update to a particular plugin or CMS is the result of a recently discovered security bug. Ignoring these updates means that the bug still persists in the code of your website, just waiting to be exploited.
You should also make yourself aware of all the known exploits and techniques used to hack a website – knowing is the first step towards protecting yourself, after all.
Now, in regards to the above, you shouldn’t rush into every update that comes your way. Ironically enough, a security patch could actually make your site more vulnerable if it ends up causing a software conflict. Make sure you test every update as thoroughly as you’re able before installing it.
Monitor, Backup, Test
There are three things you should always do with your website:
Monitor your front-page, code, user activity, and admin activity. The more attention you pay to the workings of your website, the likelier it is that you’ll be able to catch a hacker before they cause any lasting damage.
Back up everything – and I mean everything. You should be running automated backup software that creates a copy of your site on a secure server at least once per day. That way, if someone does manage to bust down the doors of your website, it won’t be that hard for you to restore it.
Test every plugin, addon, and application extensively. If there’s a security flaw in an application, you want to know before you install it and open your site up to criminals.
Be Careful When You Choose Your Hosting Provider
Do your homework when you’re looking for someone to host your website. Do they offer support for all the security policies and recommendations your business requires? What sort of reputation do they have in the hosting community?
If you end up choosing the wrong host, then it doesn’t matter what you do to keep yourself safe – they’ll probably undermine it.
Only You Can Prevent Internet Vandalism
As far as Internet security goes, defacement is actually the least of your concerns. It’s annoying, yeah, and it could lose you some business, but at least you aren’t having to deal with losing financial information or personal data. That said, you still want to take measures to protect yourself against it – if only because those same measures will go a long way towards preventing far more serious forms of cybercrime.