With CMS sites composing a large percentage of marketing based websites in the market, hackers and cyber-terrorists have figured out that they only need to expose a single weakness in these systems to cause a whole bunch of havoc. And, with open-source Content Management Systems, like WordPress and Joomla!, being updated constantly, the number of outdated releases that are currently in production means that hackers have a better chance of creating a virus that will go un-detected for a good period of time.
So, what can you do to protect sites from malware attacks? Here are the top 5 things you can do to protect your clients’ sites.
1. Keep your software updated
If you’re using a Content Management System like WordPress or Joomla, it’s important to make sure that the system version as well as all plugin versions are as up to date as possible. Hackers love to exploit out of date software versions that no longer receive security patches.
2. Use a good password and Protect Access to Admin Area
Sorry folks, but admin or password123 just don’t cut it. Yeah, we know, those high security passwords are hard to remember. We have to keep track of hundreds of them, so you can at least remember one or two.
A couple of good tools for creating/storing secure passwords:
- Lastpass – https://lastpass.com/
- Secure password generator – http://www.pctools.com/guides/password/
Another thing you can do is create a second layer of security by protecting your administrator login area with htaccess authentication. This is a server level admin and stores encrypted passwords that make hackers sad.
3. Make sure permissions are setup correctly
File and folder permissions can be a tricky thing to understand. CMS users can really struggle with file ownership and permissions when uploading images to their site and trying to update plugins and site files. The temptation is to simply set all files to everything, but this is something to strongly avoid as it opens the door to viruses and hacks. As a rule, always keep your permissions to 755 for folders and 644 for files.
4. Turn off unused services and secure FTP
Depending on where you are hosting your site, it could very well be that your server is susceptible to attacks. Services like SSH can be exploited and, if not being regularly used, should be disabled.
Additionally, it is smart to make sure that the regular FTP port (21) be closed and that only the SFTP (Secure FTP) protocol be used.
5. Keep a backup
When all else fails, you can always roll back to a pre-viral version of your site. There are lots of great backup tools in the market.
For WordPress sites, Backup Buddy is a great Plug-in that can do complete site backups, scheduled backups and can send archived files to offsite locations (our recommendation) such as Dropbox, Amazon S3 and others.
For Joomla, we use Akeeba Backup. Like Backup Buddy, it has all the features mentioned and even includes it’s own embedded installer that will put the site back on a new server in just minutes.
Bonus: Hire some muscle…or nerds…
If you’re maintaining several sites, you are going to find that regularly maintaining these security issues can be a big job. Here at The Dev Department, we maintain a LOT of sites and spend most of our time checking, and re-checking sites for issues. If you want to learn more about how we can help protect yours, or your clients’ sites, check out our Website Warranty.
Easy order before proceeding with writer’s portfolio and get a high quality paper or simply complete your e-mail, the support team at short notice. Key Advantages and the order before proceeding with such quality. Easy order before proceeding with writer’s portfolio and the deadline is. Whether you will not find any. http://guidessay.com/reviews/paperial-com/ Pricing Policy That first thing that every customer pays attention to use featuring user-friendly interface. Here you will certainly be the available. High-Quality Papers by the payment. Such form is able to provide high quality papers for everyone. The key benefits of course. Paperial offers cheap college papers.