Website security is an important aspect of website ownership. A hacked website makes your business look unprofessional and can pose a threat to your website visitors. Websites developed on out of date website platforms are targeted by hackers because of vulnerabilities within the core, extensions, modules, plugins, scripts, or components. Hackers find a way to hack into a site and will install malware and viruses into the website to target your customers. They also install unwanted advertisements for performance enhancing drugs like Viagra.
Certain precautions to increase website security include:
- Make sure that your website framework is up to date.
- Make sure that all extensions, modules, plugins, scripts, and components of your website are up to date. If there is no updated version available, consider swapping out your extension for one that is more secure.
- Use complicated encrypted passwords that utilize numbers, symbols, and upper and lowercase letters.
- Lock your file permissions (755 for folders and 644 for files).
- Use FTPS for file transfers.
- Use SSL to send emails and use suPHP.
- Hide your administration URL by changing the URL location so hackers don’t know where to try to log in.
- Block IP addresses that are blacklisted from visiting your website.
- Install extensions that do not allow login attempts to occur for an extended period of time after a certain number of attempts are taken.
- Use CAPTCHA in forms to avoid spamming through form systems.