How Do You Prevent Hacking?


(Robert Zemeski) #1

I am concerned as to how to protect my web site from hacking.
Can anyone advise me how to prevent my site from being hacked.


#2

The only thing I can suggest is that you ensure that all passwords used for FTP or access to your ISP’s control panel have as many characters as possible and use random numbers and letters. I use keychain for generating random number/letters/symbol passwords.


(Aaron Marquez) #3

RapidWeaver websites are generally not vulnerable to “hacking” like WordPress and other platforms are. There are no databases or means for a hacker to inject a script or shell (etc). As @britinusa mentioned, keep your passwords/FTP info safe and secure. Change your password regularly and make sure it’s unique.

If you are using a CMS or plugin that requires a database, you should consult the plugin developer for the best practices in keeping the plugin files and database secure.


(Robert Zemeski) #4

Thanks! I will head your advice.


(Robert Zemeski) #5

Boy, this if is also a great relief – thanks!


#6

A few other thoughts spring to mind but obviously your server should have an up to date firewall and you should make use of server side facilities like protection against brute force attacks. After that:

I would avoid a php contact page and possibly use something like Doobox html contact form http://www.doobox.co.uk/stacks_store/demos/htmlcontact.html

Next ensure that your .htaccess file is secured.

If you have folders with miscellaneous content that you would rather keep hidden pop a blank plain text file in the folder called index.html. That will stop people from simply viewing the entire contents of a folder because they will need the precise file names for each piece of content, otherwise they’ll just hit a 404 error message.

Finally you should consider something like CloudFlare that will block an awful lot of attempts before they even reach your site.