SiteGround Website Security Tips

Needless to say, website security is a major concern for all people in the IT industry.  Indeed, web applications are constantly being improved and security is something all web developers pay special attention to. Alas, hackers are not slacking off either. When known security vulnerability is fixed, they either find another way to exploit it or discover a new one very quickly (or in the worst case, both).

And yet, despite the precautions and improvements, a lot of websites are still getting hacked. Why? The main reason is that many, not to say most, users seriously underestimate security as a whole – not only the security of their websites, but the security of their hosting accounts and even the security of their own computers.

And this is an ideal opportunity for hackers to “show off their skills”. The hackers keep their “software” up to date – new viruses are developed all the time. And while they keep their applications up to date, many users don’t. Once they install an application and start using it, users forget about upgrades and security fixes.

Keeping the above in mind, the next logical question is “What can I do to secure my website?”… Well, I’m glad you asked 🙂

Here are a few things you should always do to keep your website secure:

  • Make sure your local computer is safe. For this purpose use reliable updated antivirus software;
  • Update regularly your computer’s software including its base operating system and any third party software installed.
  • Make sure all of your web applications are up-to-date. This includes any modules, components and addons you have added and / or integrated;
  • Pick up strong passwords for the different services you use (email, FTP, etc). Never use one and the same passwords for your different online services.
  • Avoid having directories with permissions above 755. If your applications require such directories, try to put them outside your webroot (public_html) or place a .htaccess file in them containing “deny from all” to restrict public access to these files.
  • Always, and I mean always, back up your website. You should always have a proper backup so that even if someone hacks your site, you can restore its functionality immediately.
  • Аvoid using modules, extensions, themes and scripts, downloaded from non-official sites and torrents. In almost all cases such scripts contain backdoors and malicious code. Always download the extensions and the templates for your sites only from the official developer sites

You can also check our basic security guidelines for more information on how to keep your website secure. Here are some other useful sites with lots of security tips: bestsecuritytips.com and stopbadware.org.

What do you do to protect your website and applications? We will be happy to hear your experience!

Access email sent!

Sign Up For
More Awesome Content!

Subscribe to receive our monthly newsletters with the latest helpful content and offers from SiteGround.

Thanks!

Please check your email to confirm your subscription.

Dima Peteva

Head Of Brand And Culture

Dima is leading all brand initiatives at SiteGround, where she started as one of our first team members way back in 2004. Since then, she has played a key role in different departments starting with Billing, Project Management, and Marketing. She’s witnessed the company grow from a handful of people to 600+ team members and more than 2 million domains hosted today. When she’s not leading the creative efforts at SiteGround, you can find her organising the local CreativeMornings chapter or taking her one-year-old Vizsla dog on a long walk.

Comments ( 2 )

author avatar

happy-dave88

Aug 17, 2009

Cool font! colour......Great post I think its a proble thats only getting worse, I own a uk based affliate website and recently took out website insurance i was getting the concrened! Now I sleep alot easier. I think to mnay people think its down to the ISP to handle.

Reply
author avatar

Noam

Oct 20, 2009

an interesting article, not too technical explaining how to approach to securing company's website and internal web applications http://bit.ly/4-Steps-to-Eliminate-Security-Vulnerability

Reply

Start discussion