Your website is under attack. But you’re not alone. Almost every day, just about every single site on the internet is under attack. Programs written by hackers, spammers and all sorts of nefarious actors scour the internet and try and login to your website’s dashboard. Once they get in, they can install scripts that will do all sorts of shady things like steal customer data, send out spam, hold your site for ransom, etc… And these bad guys are always getting smarter with the tools they use all the time. It’s a constant game of cat and mouse. And no website is 100% safe.
But don’t give up hope. A general rule of thumb is that the bad actors attempt to get in using the simplest means possible. Just like a car thief, they’d prefer to get in to the easiest car on the block, that has the fewest alarms and the fewest safeguards. They want the low hanging fruit.
If you’re lazy, and don’t take any precautions, then you can bet your butt that it’s not a matter of if, but a matter of when the bad guys get in to your website.
So at the very least, you should consider implementing these most basic security protocols on your website to scare off the overwhelming majority of bad guys:
1. RANDOMIZE YOUR PASSWORDS
Make sure that all the passwords for your website are a random series of letters, numbers and characters. Not just the password used to access any control panel or hosting account dashboard, but also something called your FTP password. FTP is a tool used to upload and download files to your site. Ask your hosting provider where to updated your FTP password.
On a related topic, do NOT use the same passwords for anything ever. Reason being, if hackers get all the email addresses and associated passwords from one website, they’re going to try that same e-mail and password combo on all sorts of other popular websites. Why? Because they know that most people are lazy and use the same passwords across different sites.
2. USE YOUR HOSTING COMPANY’S SECURITY TOOLS
Most web hosting companies offer security packages you can purchase to further batten down the hatches with firewalls, malware scans, etc… If you’re like me, and you can’t sleep easy at night knowing there was more you could do to protect your site, then you should do the wise thing and take this easy-to-implement precautionary measure.
3. CHANGE YOUR DEFAULT LOGIN PAGE
If you use a popular content-management system (e.g. WordPress, Joomla, etc…), the out-of-the-box login page is exactly the same for everyone else with that same C.M.S. Hackers know this and they look for it. So it’s best to change the default login URL to something inconspicuous. If hackers don’t know where to login, it makes their job that much harder and more likely that they’ll just move on to someone else’s site that’s an easier target.
In summary, don’t be lazy about this stuff. It makes you an eazy target. Most of the steps described above are very simple, but if you have questions about them, or need help implementing them, contact us now.