Website owners ask for advice on a huge variety of subjects, but there’s one request that web hosts hear over and over again.
It goes a little something like this:
“Help me! My site has been hacked! Can you fix it?”
The answer to that question isn’t always a yes, especially if you don’t have a backup, and many a site owner has been forced to start again after a hacker breached their database and corrupted it all.
The Good News
Don’t worry, though, it’s not all doom and gloom.
In fact, 99% of security breaches can be prevented with the proper planning and attention to detail.
How does that saying go? “Prevention is better than the cure.”
Over 30,000 websites are hacked every single day, which is why it’s MANDATORY to spend some time making sure your server is locked down tightly.
But to do that, you need to know how websites are hacked in the first place.
Three reasons why people get hacked:
#1: A lack of software updates
Most websites consist of a content management system (CMS) and a number of plugins which give the site additional functionality.
While it works well most of the time, it also opens you up to vulnerabilities.
For example, software developers can add accidental (or deliberate) loopholes and vulnerabilities that are out of your hands.
Luckily, most developers update their software on a regular basis to iron out bugs and to stay on top of security.
That’s why you should regularly check for updates and apply the latest patches at the earliest opportunity.
#2: Insecure passwords
A recent analysis of more than 10 million passwords sampled from data breaches found that the two most common passwords are ‘123456’ and ‘123456789’.
On top of that, over 50% of people use one of the top 25 passwords – which means that even the most talentless hacker can have a pretty good guess at your credentials.
The best way to protect yourself against this type of vulnerability is to use a strong password.
Don’t give the hackers a chance.
The best passwords include a random collection of numbers, letters, symbols and cases. Avoid using dictionary words and never write it down or share it with anyone else.
#3: Phishing and malware
Some hackers try to trick people into installing malicious software or clicking spurious links that compromise their credentials.
If you fall victim to a keylogger, for example, then it’s not too difficult for hackers to figure out the logins you use to gain access to the back end of your website.
You can protect yourself by using antivirus and antimalware software to pick up on threats before they become a problem.
Besides the antivirus program, you should secure your website with an SSL certificate. So, you should buy SSL certificate if you don’t already have one.
Remember, though, that the landscape moves fast and that you’ll need to regularly update your software if you want it to keep on protecting you.
Learn more about security!
Of course, this is just a quick crash course on what you need to look out for.
There’s more to server security than the basics, which is why we’ve written a handy blog post to help you through it.
