Protect websites against hackers

Posted: August 23, 2010 in Home

There are many tools to protect a website from hijackers. Some of them:

* Affiliate Diamond – The Easy Way To Protect Your Affiliate Commissions
* HTML Encryptor – Protect Your Web Site From Internet Pirates
* HTML Security Report – Protect Visitors Stealing From You
* Download Page Protector – Stop Thieves Stealing Your Ebooks And Software Products

What InFloW said, and:

* Make it your habit to protect your administration panel with .htaccess (if you’re using a Linux web hosting service). For example, if you use WordPress, protect your ‘/wp-admin’ area by configuring .htaccess. You can find these WordPress security resources pretty useful. If you’re using WordPress, you should also check your theme before enabling it.

* Always use passwords longer than 10 digits (alpha-numeric). If a 10 or 12 digit password is too long for you to remember, jot it down somewhere or better save it in a file and secure it with an easy password that you can remember.

* Join the Security Focus mailing list so you can keep an eye on what’s going on in the security world.

I could write many points but for a normal web master, these three or four points should be enough.

1) Proper User Input Validation

To protect your web site, you or the people you work with have to properly check data that comes from user input.

E.g., there are a lot of people who will make you a contact form as quickly as possible, in about 2 minutes (low-quality code). The data may not be validated correctly, and some people may use your contact form to send spam by injecting “To: victim@domain.com\r\n”…..

2) Use CAPTCHA
Use CAPTCHA in your forms to stop bots and automated programs.

3) Protect your host
If you’re on shared hosting, the hosting company takes care of the security of the servers. On the other hand, if you have a dedicated server, you have to hire a very good system administrator to keep your server up to date and apply the necessary patches where needed.

__________________
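The contact-form header injection mentioned under "Proper User Input Validation", as an added example that is not part of the original post: a form handler that pastes a field straight into the mail headers, next to one that rejects CR/LF before building the message. The addresses `owner@example.com` and `noreply@example.com`, the function names and the sample input are constructed for illustration.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import formataddr

# Constructed sample input: the "email" form field carries the string from the text.
MALICIOUS_EMAIL = "visitor@example.com\r\nTo: victim@domain.com"
OWNER = "owner@example.com"  # assumed site-owner mailbox
_EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

def naive_message(email, body):
    """Low-quality pattern: the form field is concatenated into the headers."""
    return (f"From: {email}\r\n"
            f"To: {OWNER}\r\n"
            "Subject: Contact form\r\n\r\n" + body)

def recipients(raw):
    """Return every To: header a mail server would see in the raw message."""
    return message_from_string(raw).get_all("To")

def clean_header_value(value, max_len=100):
    """Reject any value that could start a new header line."""
    if len(value) > max_len or re.search(r"[\r\n\x00]", value):
        raise ValueError("control character or oversize value in header field")
    return value.strip()

def safe_message(name, email, body):
    """Validate first, keep visitor data out of From/To, quote the display name."""
    name = clean_header_value(name)
    email = clean_header_value(email)
    if not _EMAIL_RE.fullmatch(email):
        raise ValueError("not a plain e-mail address")
    msg = EmailMessage()
    msg["From"] = "Contact form <noreply@example.com>"  # fixed, never user data
    msg["To"] = OWNER                                   # fixed, never user data
    msg["Reply-To"] = formataddr((name, email))
    msg["Subject"] = "Contact form"
    msg.set_content(body)
    return msg

if __name__ == "__main__":
    print(recipients(naive_message(MALICIOUS_EMAIL, "hello")))
    try:
        safe_message("Bob", MALICIOUS_EMAIL, "hello")
    except ValueError as exc:
        print("rejected:", exc)
```
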

We use software called dotDefender – it protects the website against web application attacks such as SQL injection, cross-site scripting and others. It's basically a web application firewall that stops all those kinds of attacks.
Also, we use another tool for denial-of-service prevention.

Best way to Protect is by Updating

Change Your admin password
Change Admin Login from “admin” to something
Use Captchas
