Cybercriminals hack into thousands of websites daily by using automated hacking software to scan the internet for vulnerable websites. Hacks can be invisible and compromise everyone viewing the page.
Why hack my website?
Hackers aren’t always interested in stealing your data or defacing your website, instead they may hijack your server to relay email spam or to set up a temporary server for illegal files.
Hackers can also infect a website with a code, which records keystrokes on visitors’ computers, to steal login details for online banking or identity fraud.
Essentially, hackers are on a mission to find any online security holes that can be exploited.
How do I keep my website safe from hackers?
- Keep software up-to-date, both server operating systems and software, and apply any security patches straight away.
- Use strong passwords with a minimum of eight characters, including uppercase letters and numbers, and change them regularly.
- Use two-step verification and different passwords for every account.
- Monitor website traffic and set up Google Alerts to check if you are ranking for any unusual terms like gambling, pharmaceuticals or viagra.
- Activate virus scans and clear search histories.
- Use Google webmaster tools to verify the website’s state.
- Public wifi spots are a risk and need extra monitoring.
- Avoid pirated software.
- Research any code you don’t write to see how secure it is.
- Use a generic error message like ‘incorrect username or password’ to avoid giving away any information to hackers.
- Use a security certificate when passing personal information between website and web server or database.
- Store any files uploaded to your website in a folder outside the webroot or as a database blob.
- Backup all data in case your website is hacked.
Once your website is secure it’s a good idea do a penetration test (pen testing) for any potential breach areas.
Netsparker is adept at testing SQL injection and XSS. Alternatively, employ a secure hosting company experienced in hacking issues, coding and quality software.