Securing your site

Typical attack vectors for hacked sites are the following:

  1. Insecure file and folder permissions where write access has been given to publicly accessible files.
  2. Third-party apps (WordPress, Joomla etc) that have NOT been secured and kept up to date, including any add-on modules. 
  3. Compromised Passwords for FTP, Control Panel or CMS etc that allow a hacker access to the hosting plan files.
  4. Compromised Mail accounts which may have emails with ftp/panel passwords saved or that allow hackers to request password resets from your host.

Tips for securing your site

Write permissions should only be assigned to files/folders that explicitly require write access and if possible they should be hosted below the websites root folder where they are not directly accessible by website browsers.

In our Windows hosting you can manage permissions using the control panel file manager by clicking the padlock next to any file or folder, you need to alter. Users should avoid ticking the "enable write permissions" option in the website properties page as this will assign write permissions to all files and folders in the site and is highly insecure.
 
In our Linux hosting, you can set permissions via the file manager or via the FTP chmod command.
 
Always use complex passwords for all accounts. Using a password manager like Lastpass or Keepass to generate and manage complex passwords is a good idea.

We offer security audits for a small fee and they can save you time understanding where your site may be lacking is security.

 

  • 10 Users Found This Useful
Was this answer helpful?

Related Articles

How to associate a domain to web space

Normally it is best to assign the name servers of your host to your domain name, in this way all...

SolidCP & WebSitePanel reseller set up guide for windows hosting

This is a Step by Step beginners guide on how to set-up user accounts under a reseller account in...

Is there a limit to the number of MSSQL databases you can create?

The only limitation for Microsoft SQL Server databases is the space, you can create unlimited...

Connection timeout or no file or directory listing when connecting via FTP

A common issue when trying to connect via FTP to a server is to receive a connection timeout or...

Free SSL on all Linux shared hosting plans

All our shared Linux hosting comes with Free SSL provided by Comodo and Cpanel. This is...