one. Backup your internet site data synthetic around the server.
Obtain two distinct hosts which allow SSH access. Get an account with Each individual. FTP the backup of one web page to the opposite server instantly, and vice versa. Download copies to your own home Laptop or computer at the same time.
two. Place a file called ‘index.html’ in every single big or crucial directory in your site, if it doesn’t have already got a single.
This stops folks attempting to peek at other files in a similar Listing.
three. Don't use aged variations of FormMail. Do not use scripts that happen to be newly produced, unless you know how to check for stability holes.
They ought to filter input like # or >. Research about the conditions ‘Script Name bug’ or ‘Script Identify safety’.
four. Rename any e-mail scripts you down load ahead of putting in them.
Why give a spammer a clue regarding what your script is, and what it can perform?
five. Don't give documents or directories noticeable names, like ‘go’, ’email messages’, ‘orders’ plus the like.
All over again, why make it simple for snoopers?
six. Don't go away unencrypted, private information on your server.
It’s only a pc inside a home God is aware of the place, with God appreciates who having access to it.
7. Use a popular Net host.
That cheapo one particular could be an un-fully commited reseller. Their Google PageRank provides a clue concerning how well known They can be. Deliver them an electronic mail or two. See just how long it takes to obtain a reply. Consider their message boards; how busy are they? They don’t Have a very Discussion board? Upcoming!
eight. Should you be creating .htaccess documents or every other sort of password safety, use lengthy and diverse passwords.
“Ch33s3And0n10n” is lots more secure than “cheeseandonion”, and just as unforgettable. Make your password at the least eight characters in duration, containing equally letters and figures, and both of those higher and reduce-situation letters. Regular terms may be guessed by brute-power cracking systems.
9. Strip scripts down to the bare Necessities. Upgrade them regularly.
Plans like PHPNuke have a great deal of features within the default put in. They permit site owners and customers loads of Charge of Site written content. This makes vulnerabilities. A ‘Nuke web-site of mine was hacked all through Christmas 2005, by an Arabian group. Thankfully, I had a backup. I didn’t have rapidly Access to the internet, at some time, to enhance it. I only wanted one particular module Doing work, so I eliminated the inessential types, and changed file permissions around the admin area. At the time of crafting, I’m waiting around to view what comes about up coming!
For those who don’t actually will need it, change it off.
ten. Watch out Everything you say about Other individuals or products and solutions on your internet site.
Probably not security, but… consumers are pretty touchy about criticism. ‘Flame wars’ can be a squander of time and energy, so steer clear of them.