Hackers are constantly attacking web sites and one day, even though your site is not experiencing huge visitor levels, a hacker may come calling at your door to test your security levels. How do you stop them from gaining access and possibly taking control of your website?
Passwords
Your site admin must have a strong password – never ‘password’ or other obvious words. A medium strength password will include a combination of numbers and letters, ideally using upper and lower case letters. Make it stronger by including other characters, such as @, - or ?. Anything you can add that means your password is not a straightforward word or two can really improve it.
Ideally, also sign on with a user name that is not obvious – not ‘admin’, ‘administrator’ and so on. This way the hacker must guess both the user name and the password. And if you can move your administration area to an unusual directory, then the hacker may not even be able to find it!
Watch what is happening
Monitor failed logon attempts to the admin and possibly close it down if there are too many. Be on the lookout for multiple failed attempts from the same IP address and multiple failed attempts on the same user name. Hackers may use networks of computers to constantly submit different passwords to your admin, and if these are hijacked computers they will have different IP addresses, but they will all attack the same userid.
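One way to implement the two checks described above, as an added example that is not part of the original article: it counts failed logons per IP address and per user name inside a sliding window. The event format, the thresholds and the window length are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, source IP, user name, logon succeeded).
# IP addresses come from the documentation ranges; user names are made up.
SAMPLE_EVENTS = [
    ("2024-01-01 09:00:00", "203.0.113.9", "editor", False),
    ("2024-01-01 09:01:00", "203.0.113.9", "editor", False),
    ("2024-01-01 10:00:00", "203.0.113.5", "alice", False),
    ("2024-01-01 10:00:20", "203.0.113.5", "bob", False),
    ("2024-01-01 10:00:40", "203.0.113.5", "carol", False),
    ("2024-01-01 10:02:00", "198.51.100.1", "siteowner", False),
    ("2024-01-01 10:03:00", "198.51.100.2", "siteowner", False),
    ("2024-01-01 10:04:00", "198.51.100.3", "siteowner", False),
    ("2024-01-01 10:05:00", "198.51.100.4", "siteowner", False),
    ("2024-01-01 10:06:00", "192.0.2.10", "siteowner", True),
    ("2024-01-01 10:30:00", "203.0.113.9", "editor", False),
]

WINDOW = timedelta(minutes=10)  # assumed look-back period
MAX_PER_IP = 3                  # assumed: failures from one IP before blocking it
MAX_PER_USER = 4                # assumed: failures on one user name before locking it


def detect(events, window=WINDOW, max_per_ip=MAX_PER_IP, max_per_user=MAX_PER_USER):
    """Return (blocked_ips, locked_users); locked_users maps each locked
    user name to the number of distinct IPs that attacked it."""
    by_ip, by_user = defaultdict(deque), defaultdict(deque)
    blocked_ips, locked_users = set(), {}
    for stamp, ip, user, succeeded in sorted(events):
        if succeeded:
            continue  # only failed attempts are counted
        now = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
        for queue in (by_ip[ip], by_user[user]):
            queue.append((now, ip))
            while now - queue[0][0] > window:  # drop failures older than the window
                queue.popleft()
        if len(by_ip[ip]) >= max_per_ip:
            blocked_ips.add(ip)
        if len(by_user[user]) >= max_per_user:
            # Catches the hijacked-computer case: many IPs, one user name.
            locked_users[user] = len({src for _, src in by_user[user]})
    return blocked_ips, locked_users


if __name__ == "__main__":
    print(detect(SAMPLE_EVENTS))
```

On the sample data the per-IP counter flags only the single address that tried three user names, while the per-user counter is what catches the attack spread over four addresses.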
Be alert to visitor patterns
Watch your traffic stats for sudden interest in pages, especially pages that shouldn’t be there, and protect the code from SQL injection. If any part of your website accepts file uploads, validate the format. I like to check that images are a valid image format and then put them through a resize algorithm. That way PHP / ASP files cannot be uploaded and run should a hacker gain entry to an admin system.
SQL injection
This is a popular way of reading your tables to find out whether you have passwords stored there, and of carrying out other malicious tricks, for instance uploading content to your pages. Ensure that you use correct escape routines to remove any attempts to inject SQL into your code and, on pages where all that is needed is read-only access, use only a read-only user id. Then if someone slips in extra code, the potential damage may be limited.
You could also validate inputs to prevent SQL injection. For instance, if you are expecting to be passed an id that is an integer, then test that it is an integer. If not, then I like to just exit the code immediately so that there are no extra clues given and the page stops loading immediately.
Written by Keith Lunt, who offers a Southport website design service. For more useful tips about good web design call into the blog.
