The sad truth about web hosts is that there is no simple solution for preventing any security breaches from hackers.
Web hosts tend to apply patches to their servers that are released from the software developers that make the software used to run server operating systems, but even then this is usually done only when a threat has been discovered or has already occurred somewhere.
It is generally up to website owners to ultimately ensure that their websites and the servers they are hosted on are secured as much as they reasonably can be. But if you are not a server security expert, how do you know what you should be doing to ensure that your website and the server that it is hosted on is as secure as can be?
Here are some top tips that any webmaster or website administrator can take on board to ensure that their websites are as secure as possible.
Make use of popular, open-source scripts
Rather than creating proprietary code for websites, consider using popular, open-source scripts. An excellent example of this is WordPress, which is a popular blogging and content management platform written in PHP and is database-driven.
Over 70 million websites around the world are powered by WordPress, and any updates such as new features or patches to fix potential security vulnerabilities are released on a regular basis by a dedicated team of developers.
Keep everything up-to-date
Although some open-source scripts will automatically update themselves, many require manual updates. Many webmasters often put off updating their online software until it’s too late, so it is worth scheduling in some time each fortnight or month to apply updates to your online software.
Use a reputable host
Just because a web host is cheap and offers all of the features you need from a web hosting service doesn’t mean that they are offer a good service, nor does it mean that they take any security breaches (potential or ongoing) seriously.
When you buy web hosting services, you should do some research online to see which ones offer the features and facilities that you need, as well as the reliability and customer support to back it up.
Don’t use simple passwords
You would not believe the amount of people that use simple passwords that are easy to guess or crack by any competent computer hackers. Ideally, you should be using a random password that is between 10 to 15 characters long, contains uppercase and lowercase letters, as well as numerals and symbols, and most importantly do not use any words in your passwords as they can be subject to dictionary attacks by hackers.
If you are having trouble thinking of a good password to use, there are a plethora of websites online that can generate random passwords for you to use. Just type in “password generator” into your favourite search engine to come up with a list of them.
File and folder permissions set
All web hosts worth their salt will let you set certain permission levels for files and folders for your website. Permissions such as 644 or 755 are typically used, but it is worth doing some research to find out which permissions you will need for your files.
Secure FTP
Finally when you are transferring files, make sure that you are using secure FTP; this means that your login details are encrypted, rather than being transmitted in plain text if you are using standard FTP.
