Start a conversation

How can I prevent hacking ?

If you run a popular/successful blog, there’s a pretty good chance you’re plenty familiar with hacking and how to deal with it. But hacking comes in many forms and can hit any kind of web site that isn’t secure. The most important thing to do is keep your passwords a secret. If you must give a password to someone, be sure to change it when they are done using the access. Don't write your passwords down or share them with too many people. Periodically change your passwords. You can find more by searching "How can I make a stronger password?"  Please Read our post how to create a stronger passwrod  that is hard to guess.

Along the same idea, you need to make sure your personal computer does not have viruses, malicious scripts, trojans, keyloggers, etc. Please make sure you have gone over the below steps carefully. 

1. Software and Scripts Up to Date.

If for some reason your running an old version of phpbb, or maybe an old vbulletin or even a simple script, make sure you upgrade them to the latest version. That may get your website hacked easily using methods like RFI or SQL injections.

2. Plug ins, Add ons and Modules.

Running a CMS site? like Joomla, Mambo, Datalife or maybe a forum like phpbb, SMF, vbulletin will think again before uploading/installing modules and plug ins. The developers of those scripts take good care of their codes to keep it clean of exploits and bugs. The plug-ins developers most of time don’t, they are the 70% cause of hacking those kinds of software’s.

3. It’s Your Fault.

Most Webmasters think that if they get hacked it’s because their Hosting sucks or the hosting staff isn’t doing its job, but they’re WRONG. If you get hacked it’s your fault. If you install a script with bugs, the hosting owner can’t do anything about it.  If someone exploits your bug and gains access to your site it’s your fault, don’t blame your web hosting company, blame yourself. After being hacked you should try to lookfor your scripts in sites like to see if your scripts did have any bugs.

4. Protect Your Password

If you run a very popular site then be careful! Some people may love you, some people may hate you. They could try to get into your FTP, cPanel, or hosting account. Some of them may even try to send you Keyloggers, Trojans and monitoring programs to get access to your websites. Be careful when accepting files, using instant messaging softwares like Yahoo, MSN, or AIM.  Also always use the hardest password possible.

5. Keep your Hosting Account and PC Clean

Most people have lots of files they don’t even use on their hosting accounts and computers.  On their hosting accounts this may cause wrong indexation in search engines like Google, Yahoo, Msn, and Ask. They may start indexing old sites in forgotten folders, as personal files like pictures and more, it’s always good to keep your hosting account with only your website updated content.

6. Quality Before Quantity.

Use quality software for your site. Why use phpbb (greatly Coded), if you can buy a vBulletin License. If you’re already making a revenue from your site using advertising programs like Google AdSense, cpx Interactive and more, then think that you have to invert to win. The more you invert, the better chances you have to win, this may keep your site clean of hackers.

7.Backups, Backups and yes.. Backups.

Most common mistakes people make is uploading and just uploading! Make a backup of your Site! Keep the files on your PC, or in your USB or External Hard Drive, it can save your life. I got hacked 5 times and you can ask my visitors if they have ever seen an hacked index on my sites.. NEVER. That’s the greatest satisfaction of a hacker. Never let your users see that you got hacked. Clean your whole hosting account before leaving that killing ranking index on your site.

8. Don’t put all your eggs on the same basket.

If you have some time in the Web Business and have more than 2 sites.. then protect them! Did you know that if one of your websites gets hacked, all of the other websites in the same hosting account may get hacked too? Yes, Defacers can easily upload a shell to your FTP and get access to all your sites. You can easily prevent this by buying a Reseller Account or buying more than one Hosting Account, even if they offer you a lot of hosting storage and bandwidth.

9. Knowledge is Power!

Learn, read, and search. Now days with the use of great search engines you can access a lot of information that may keep you safe and may even make you a Defacer or Hacker. Most of the Hackers have learned to use search engines and community forums. Underground community’s that provide them carding information, defacing information and a lot more. To Prevent them you gotta think like them.

10. Check CHMOD, Permissions.

Most of time while installing new scripts they ask you to CHMOD to 777, for some files, some times that may be fatal. When a Defacer comes into your site files it becomes easier to modify/edit/delete the files with 777, if you public_html folder has those permissions your basically done, and hacked. But if it doesn’t then he can only modify the ones with those permissions. It’s good to keep in mind so that when you finish the installation you bring back all the old permissions.

Bonus: for those VPS / Reseller / Dedicated Costumers is important to keep in mind that the root’s password for MySQL is also a big factor when talking about hacking, it’s always good not let it as default, this may cause you lose all your tables and rows.

Choose files or drag and drop files
Was this article helpful?
  1. Technical Team [Level-III]

  2. Posted