Eicra.com will help you to protect your website and not get hacked. This security articles should serve as a general purpose and would not go into too technical detail on how to protect your eicra.com account. This safety tips work for all web hosting plan generally and can be applied to other than hosting. Here are few of the simple steps that can help protect your eicra.com hosted website from getting hack!
- Use a strong password for your Control panel, email account, FTP account, MySQL database admin login, and other. Make sure you use a character, number, upper lower case, symbol etc. Visit http://www.strongpasswordgenerator.com to get help building the strong password.
- If you are using open source PHP scripts like WordPress, keep them updated always!
- Don’t install PHP scripts that you are not sure about. It can be not fully tested, or not being supported any longer, or it can be with bugs that create an opportunity for the hacker to get in.
- There are a few keyloggers out on the market, which will allow some bad people to gain access to some of the PC desktop, install a keylogger (could be trojan or anything) and that send FTP user/pass to a hacker. Change FTP password, but if the keylogger still can steal pass, then it is not very useful.
- Use SFTP, in this way the password for FTP is not sent clean, is encrypted and keylogger cannot steal it.
- In ASL module from ART in a new version (for PLESK) there is a module which will scan these attempts via FTP.
Its simple as that, three simple things you need to do to keep your website safe from a hacker, at least that is what you can do. And even after that, if your website gets hack or hacked again, make sure you get it clean. We mean totally remove your web files from the server, and reinstall or upload again the PHP content from your local backup drive. Eicra support team might be able to help, but securing own website is own responsibility.
Its the same at every shared web hosting, or even VPS hosting or dedicated server hosting. Internet hosting provider won’t count responsibility for the website hosted being hacked.