How can I protect my website against hackers?

How can I protect my website against hackers?

you have been hacked


It is critical that your website is kept safe and secure from hackers. Although Hostcake employs a range of measures to keep our web servers secure, individual customer accounts can still be exposed and maliciously hacked. The following strategies should be used as precautions against hacker activity.

Keep your scripts and plugins up to date

This is an extremely important measure – make sure you keep abreast of the latest updates to any scripts you run, especially if they are popular and widely used (for example, Joomla and WordPress) well as any shopping carts, etc. Once a vulnerability is exploited, it spreads through the internet like wildfire. Most scripts cannot auto-update themselves, so you will have to do this manually. We also strongly suggest you consider subscribing to a website maintenance service that will take care of this task for you. Just like a car you can’t create your website and expect it to run trouble free without any form of servicing.

Hide your website admin area (very important!)

Hackers will scan and probe directories, using automated scripts, looking for tell-tale files like login.php, adminlogin.php and so on. It is certainly recommended that if you are using the well known “Word Press” website format that you DON’T name your admin user “admin”, try something more random. A WordPress plugin such as “WordFence” will help protect your site from repeated password guessing attempts.

Maintain strong passwords

Make sure you use strong passwords (at least 12 characters, with symbols and numbers where possible). This mitigates the possibility of a brute force and dictionary attack. Use different and unique passwords for your cPanel, MySQL databases, WordPress or Joomla and email accounts. If you need some secure passwords, try the random password generator in your Cpanel logon. It’s also good practice to change your passwords every month to maintain the security of your accounts.

Keep your own PC up-to-date and virus free

This tip is very important! Many customers have infected their own websites because their computer was compromised and used to attack the website. Make sure you set your Windows Update setting to ‘automatic’ (for Windows 10 users this is already in place) and always leave your firewall on (either the Windows firewall or the one provided by your antivirus software should do). Also, make sure you are running an up-to-date virus scanner. If your computer does get infected, hackers can potentially install a keylogger on your PC. Keyloggers record everything you type and send it back to the hacker, thereby compromising all your secure accounts.

Don’t log into your account at internet cafes or via unsecured wifi

You don’t know what is on the internet cafe PC, and therefore you shouldn’t trust it. Even if the internet cafe owner is legitimate, someone may have installed malicious software on the computer, capturing all your passwords and login details. Similarly, if you use a Wifi point, someone might be ‘listening in’ and intercepting your details.

Containment principle

Our servers are set up in a way that contains any damage or hacking activity to the affected user account. Therefore, if you make any mistakes and are hacked, only your user account will be affected. However, if you are affected, the best and quickest way to recover is to restore from backup.

Restoring from a backup

If your account is compromised, restoring from your last known good backup is preferred. Using this method you can be sure that none of your files have been tampered or modified. Although we keep our own backups of your websites, we urge all our customers to periodically make their own backup. Once your account is restored, you can then use the tips above to prevent it being compromised again.

Please contact us as Hostcake support if you would like further information.

Safe Browsing!

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *