Please Note: This article includes links to sources online about website security, that pertain specifically to individual programs like WordPress and Microsoft Windows. While it is not possible for us to publish every security article for every program, a search on the web regarding security and updates for the software you run should return numerous results.Website security is a topic on a lot of users’ minds. If you search the web for How to hack a website, you will literally get millions of hits. Taking the necessary precautions now with your website will help prevent a big headache later on in the event anything does happen to your website.
**Note: If you suspect you have already been hacked, please see our article on recovering from a hack
Backing up your account
- Vulnerabilities in the software you run on your hosting account
- Vulnerabilities in software that you run on your local computer
Vulnerabilities in the software you run on your hosting accountMost software that users run on their website is Open Source software. Open Source software is software that is freely available for anyone to download and use. For example, both Joomla and WordPress are very commonly used, and they are both Open Source. One of the drawbacks of Open Source software is that anyone can download and view the software’s code, which makes it easier for hackers to find ways to compromise a website. The authors of such Open Source Applications release updates and security patches on a regular basis. Please be sure that you are running the most current versions of any third party software on your website, as the most current version is usually the most secure version as well. The following is a list of links, for WordPress and Joomla specifically, that point to the software’s own information about security:
WordPressWordpress.org – How to Keep WordPress Secure http://wordpress.org/development/2009/09/keep-wordpress-secure/
10 Ways to Secure WordPress https://www.inmotionhosting.com/support/edu/wordpress/10-ways-to-secure-wordpress/
Wordpress.org – Hardening WordPress https://wordpress.org/support/article/hardening-wordpress/
Wordpress.org – Upgrading WordPress https://wordpress.org/support/article/updating-wordpress/
JoomlaJoomla.org – Joomla Security Center http://developer.joomla.org/security.html The Joomla Security Center includes information about their latest security news, their latest security articles, and more information in general about the Joomla Security Strike Team. Joomla.org – Upgrade Instructions http://docs.joomla.org/Upgrade_Instructions
Vulnerable pluginsKeeping any third party plugins / extensions on your website up to date is just as important as keeping the core software up to date as well. We’ve compiled a short list of links for more information about this topic as well.
Did you code and develop your website yourself?
Please Note: Although direct coding support is out of the realm of what our Support Department can assist with, a search on the web regarding the topics below will return many results that include how to update your code and take preventive measures.
Common ways websites are hackedSQL injection http://en.wikipedia.org/wiki/Sql_injection
Code injection http://en.wikipedia.org/wiki/Code_injection
Cross-site scripting (XSS) http://en.wikipedia.org/wiki/Cross_Site_Scripting
Remote File Inclusion http://en.wikipedia.org/wiki/Remote_File_Inclusion