10 Tips to Prevent Hackers

by Janith

Hackers have been around for too long. Usually associated with dark themes and “the evil side”, they represent the minority of IT gurus who just have too much time on their hands, and a touch of evilness.

Usually represented with a skull or “horrifically”, they are iconic in the never-ending battle against internet crime.

Your hosting provider should have set up your server with a certain amount of security built-in. However, there’s much you can do yourself to ensure your site stays unmolested.

Hackers play an “unwanted” yet significant role on the net: their activity creates thousands, if not millions, of jobs in the IT field, but they are a menace to webmasters such as you and me.

Not to worry, because the following list of “Ten Tips” aims to tell you a little about the way malicious hackers work, and some ways of protecting your site, and inevitably preserving the privacy of your visitors.

Ten Tips to Prevent Hackers

10) Comment Attacks

Comments are one of the most prized features of blogs. They help create a great relationship between the author and the reader, and also between readers in the wider community. It would also be easy for someone to insert HTML code that causes trouble.

You need to “validate” the form input before it’s accepted, for example to strip out all but the most basic HTML tags. If you’re using WordPress, you can also utilize the “Keyword Filter” to block out any harsh words that might raise an issue or two.
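One way to do the validation described above, as an added example (not code from the original post): a Python allowlist filter that keeps a small set of basic tags, drops every attribute, and escapes everything else. The tag list in ALLOWED_TAGS is an assumption; the post does not name specific tags.

```python
from html import escape
from html.parser import HTMLParser

# Assumption: the "most basic" tags a comment may keep (the post names none).
ALLOWED_TAGS = {"b", "i", "em", "strong", "p", "br", "blockquote", "code"}
VOID_TAGS = {"br"}                  # tags that take no closing tag
DROP_CONTENT = {"script", "style"}  # remove these together with their content


class CommentSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.open_tags = []  # allowed tags currently open, used for balancing
        self.skip_depth = 0  # greater than 0 while inside <script> or <style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT:
            self.skip_depth += 1
        elif tag in ALLOWED_TAGS and not self.skip_depth:
            # Attributes are never copied, so onclick=, style= and href= vanish.
            self.out.append(f"<{tag}>")
            if tag not in VOID_TAGS:
                self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT:
            self.skip_depth = max(0, self.skip_depth - 1)
        elif tag in self.open_tags and not self.skip_depth:
            # Close tags left open inside this one so the output stays balanced.
            while self.open_tags:
                closed = self.open_tags.pop()
                self.out.append(f"</{closed}>")
                if closed == tag:
                    break

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(escape(data))  # visible text is always re-escaped


def sanitize_comment(raw):
    """Return raw comment HTML reduced to ALLOWED_TAGS, with all text escaped."""
    parser = CommentSanitizer()
    parser.feed(raw)
    parser.close()
    while parser.open_tags:  # close anything the commenter left dangling
        parser.out.append(f"</{parser.open_tags.pop()}>")
    return "".join(parser.out)
```

On WordPress itself, the built-in wp_kses() function applies the same allowlist idea.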

9) Unsolicited Installation of Scripts

It can be dangerous to install third-party scripts and programs on your website unless you understand what they are actually doing. Even if you don’t fully understand the programming, you can read through the code and look for tell-tale signs such as references to third-party URLs.

You can also visit community forums such as SitePoint and DigitalPoint to ask around for better advice.
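The read-through suggested in this tip can be partly automated. As an added example (not from the original post), this Python script lists every URL in a script whose host is not on a list you approve; the sample plugin text and all host names in it are constructed.

```python
import re
from urllib.parse import urlsplit

# Matches absolute URLs inside code, strings or comments.
URL_RE = re.compile(r"\b(?:https?|ftp)://[^\s\"'<>)]+", re.IGNORECASE)


def is_approved(host, approved_hosts):
    """True if host is an approved domain or a subdomain of one."""
    return any(host == h or host.endswith("." + h) for h in approved_hosts)


def find_unapproved_urls(source, approved_hosts):
    """Return (line_number, host, url) for each URL pointing somewhere unapproved."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for match in URL_RE.finditer(line):
            url = match.group()
            try:
                # urlsplit reads the real host even when the URL carries a
                # misleading "user@" prefix or a look-alike subdomain.
                host = (urlsplit(url).hostname or "").lower()
            except ValueError:  # malformed URL: report it rather than skip it
                host = ""
            if not is_approved(host, approved_hosts):
                findings.append((lineno, host, url))
    return findings


# Constructed sample: a fragment of a hypothetical third-party plugin.
SAMPLE_PLUGIN = '''<?php
// Docs: https://plugin-author.example/docs
$lib = "https://cdn.plugin-author.example/lib.js";
$a = file_get_contents("http://plugin-author.example.stats.test/c.php?h=");
$b = "http://plugin-author.example@collector.test/ping";
'''

if __name__ == "__main__":
    approved = {"plugin-author.example"}
    for lineno, host, url in find_unapproved_urls(SAMPLE_PLUGIN, approved):
        print(f"line {lineno}: {host or '(unparseable)'} -> {url}")
```

A hit is a prompt to read that line, not proof of a problem; an empty result does not clear a script either, since URLs can be assembled at run time.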

8) Avoid Scam/Spammy Websites

In a desperate attempt to get visitors, you might consider trying extensive viral marketing and other means of gaining attention. This may cause a few people in the wrong community to raise a few eyebrows.

The last thing you need as a settled webmaster is to cause a stir amongst the wrong people. Stay away from websites, and especially forums, that offer “information” or “get traffic quick” schemes that use illegal spam lists and such.

7) Clear the Cookies!

Personally, I use a lot of public computers to blog and do other online activities, maybe because it’s convenient or my unreliable ISP crashed on me once more. Inevitably, there are many, many webmasters like me who use public services for either quick access or regular work.

Just don’t forget to clear out the cookies and cache before you leave! Even if the service provider claims “no tracking of privacy” or anything along those lines, a quick clean before you leave wouldn’t hurt anyone.

6) Prevent illegal ‘farmers’ from “harvesting” your lists

Hacking techniques are used to “harvest” email addresses, which are then used by spammers and other hackers for malicious activities. If you are storing email data on your website, for whatever required reason, make sure it’s stored in a secure format, such as a MySQL Database.

Most top CMSs such as WordPress and Joomla make this compulsory, but there are many self-written CMSs too. If your script simply writes data to a text file called “emails.txt”, it won’t be long before someone sniffs it out.

5) Make sure your files are using the correct CHMOD Permissions

CHMOD file permissions assign a specific value to every file/folder on your server, which allows different levels of access.

CHMOD permissions range from 000 (No access) to 777 (Full access). You must decide which files get what permissions, but be warned that some third-party software requires higher permissions to operate properly. You need to balance out features with security and make an informed decision.

Using an FTP client you can change the permissions given to each file/folder on your server. This is vital to ensure any unauthorized access to your content is comprehensively denied.

Note – Make sure your CHMOD settings work with your current web host. Some hosts prevent “777” for security reasons.

4) Don’t use Generic Usernames

Using common words for usernames such as “admin”, “administrator” or “Site Owner” can cause many complications, because you are simply making the hacker’s job a lot easier. By using such common words for your username, you are increasing the success rate of the hacker by at least a few points of a percentage, which is considered a lot where only one answer can be right from an unlimited range of combinations.

3) Securing your Ports

To put it in simple words, a “PORT” is used to access data from outside the server. It is also utilized to transfer data both ways, into the server and out of it. Most of this activity is behind closed doors and happens automatically, and only trained professionals tend to play around with such details.

Nevertheless, ports are constantly opened and closed for easy access by programs such as FTP (File Transfer Protocol). This can be favorable for any hackers attempting to access your sensitive files, so make sure any unwanted ports are ‘properly closed.’

2) Updated Security Patches

If your web hosting provider hasn’t already done so, you should check that all the latest security patches for various aspects of the service are properly installed. As you might know, WordPress (self-hosted) is one of the most popular Content Management Systems out there on the market.

It is used by millions, so it’s not surprising to see many hackers working day and night trying to hack it. Updates and patches are regularly released, so keep an eye out for all your plug-ins/core files.

1) Use Strong Passwords!

The number one technique you can possibly implement. Hackers are experts at programming computers to plough through huge amounts of data very quickly. That’s the reason longer passwords are more secure; the number of possible combinations grows exponentially with every extra character added.

Hackers employ a technique called “dictionary attack” where they repeatedly try username and password combinations by running through hundreds of common words, phrases, numbers and combinations of them till they get lucky. It’s important you use random strings like “j@m13s(!)” instead of perhaps “jamie123”.

Lastly, this is not so much a ‘tip’ as a compulsory step in setting up your online community: make sure your “.htaccess” and “.htpasswd” files are properly formatted with the secure CHMOD of 644. This is important and adds the best outer layer of protection for you and your visitors.
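A check for tip 5 and for the .htaccess/.htpasswd advice above, as an added example rather than code from the original post: it walks a web root and reports anything world-writable, plus any .htaccess or .htpasswd file carrying permission bits beyond the 644 the post recommends. The function name and the default path are assumptions.

```python
import os
import stat
import sys

HT_FILES = (".htaccess", ".htpasswd")


def audit_permissions(web_root, ht_max=0o644):
    """Return sorted (path, octal_mode, problem) tuples for risky modes under web_root.

    ht_max is the mode the post recommends for .htaccess/.htpasswd; any
    permission bit outside it (group/other write, execute) is reported.
    """
    findings = []
    for dirpath, dirnames, filenames in os.walk(web_root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits say nothing about its target
            mode = stat.S_IMODE(st.st_mode)
            if mode & stat.S_IWOTH:
                # The "other" write bit is what makes 777 and 666 dangerous:
                # any account on a shared host can modify the file.
                findings.append((path, f"{mode:03o}", "world-writable"))
            elif name in HT_FILES and mode & ~ht_max:
                findings.append(
                    (path, f"{mode:03o}", f"more permissive than {ht_max:o}")
                )
    return sorted(findings)


if __name__ == "__main__":
    # Assumption: the web root is passed as the first argument (default: current dir).
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, mode, problem in audit_permissions(root):
        print(f"{mode}  {problem:<26} {path}")
```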


Make Money Tips January 6, 2009 at 11:35 pm

Really great tips.
I know this ’cause I faced that problem.
And if your site was hacked, checking most of the files and replacing them with an old backup is a must,
’cause they edit your files sometimes.

Thumb up 3 Thumb down 7
Vennorex January 7, 2009 at 6:15 am

Very useful tips, although I didn’t have any hacker problems. I will be more precautious from now on.

Thumb up 3 Thumb down 6
Janith January 7, 2009 at 10:14 am

Better safe, than trying to fix it.

Once a hacker gets in, you can try your best to regather – but it just won’t be the same.
I should have added “Back Up Your Data” as a point too, it’s really important that everyone does.

If you’re using WordPress, there’s a plugin that emails you backups every day/week/month depending on your preference.

Thumb up 9 Thumb down 6
SoLinkable January 7, 2009 at 2:00 pm

These are some excellent tips. Security is one of my weaker skills. I’ve always wanted to learn more about it, but it can be so overwhelming… Just sitting back and hoping that your site doesn’t get hacked isn’t exactly the best way to deal with security.

Thumb up 4 Thumb down 7
Arfan January 7, 2009 at 4:54 pm

Good Tips and Have to agree it does help create Millions of Jobs

Thumb up 4 Thumb down 9
Henry January 7, 2009 at 5:20 pm

Thanks for the nice information, I never knew all of these tips.

Thumb up 7 Thumb down 5
Farrhad A January 7, 2009 at 9:43 pm

Nice tips, am making some required changes :)

Thumb up 3 Thumb down 6
michelle January 12, 2009 at 9:17 pm

Nice tips, thanks for sharing

Regards
Michelle

Thumb up 5 Thumb down 5
Janith January 15, 2009 at 10:16 am

Thank You, everyone for the comments!

I’m making another addition to this, a better explanation of how important the .htaccess and .htpasswd are.

Hopefully can publish it sometime soon :)

Thumb up 7 Thumb down 8
Beverley Aylward January 17, 2009 at 9:39 am

I wish I had found your blog a month ago. My site was hacked by Muslim extremists against the war and they made a complete mess of my site. Had to start from scratch. Backed up now,
but great content.
I found you on blogcatalog.
Bev

Thumb up 3 Thumb down 7
Alex January 17, 2009 at 3:38 pm

Sorry that happened to you, Beverly. But as long as you can recover, I guess that’s all that matters, right?

Thumb up 0 Thumb down 8
Richael Neet January 23, 2009 at 9:42 pm

Nice collection of tips. Hackers do strike, so be prepared in advance! Opt for a good host too, who keep in par with securing the hosting platform with industry standard security tools. There have been many hackings whereby hackers accessed your site via the means of taking control of the hosting company’s servers. If in doubt, do not sign up with the host. A saving of few dollars does not justify risking your data and privacy….

Thumb up 2 Thumb down 7
Janith January 24, 2009 at 1:31 am

Well said Richael,
I can’t stress how important it is to give up a few extra dollars, so your mind can be at rest and not worry about being scammed.

I’ve seen the best/worst of both worlds – and from that experience paying the few more dollars is by far a better option.

Janith

Thumb up 2 Thumb down 5
Joe October 5, 2009 at 2:30 pm

Nice Tips! I will also be making a few changes to my site !

Thumb up 2 Thumb down 5
Team buyprintedgifts.com May 23, 2010 at 1:53 am

Nice article.
Regards,
Team buyprintedgifts.com

Thumb up 1 Thumb down 4
Nim @ Jobs from home August 30, 2010 at 7:29 pm

Thanks for these anti-hacking tips. I’ll surely apply all of these to all of my websites.

Thumb up 1 Thumb down 4
Used Mack Pickup Trucks November 19, 2010 at 1:34 am

Hey, nice tips. Before this I never knew about it. I generally delete cookies but never knew about the other types of prevention.

Thumb up 1 Thumb down 4
Nasif April 27, 2011 at 11:38 am

Best way to prevent hacker is to backup your blog regularly… That’s the best solution ever. There are lots of wp security plugins but I don’t use them since they will slow down my blog

Thumb up 1 Thumb down 6

Comments on this entry are closed.
