How to secure my website and emails?

Posted December 1, 2015

Please do the following steps to strengthen your website's defenses against exploits and other types of attacks:

1. Change your password (cPanel, client portal, email accounts, FTP accounts, etc.) at least every 90 days.

2. Do not share your login credentials to any person whom you do not fully trust. If it is necessary to give your login credentials to others, make sure to change your password again once they are done using your account.

3. Make sure to install trusted and secure applications only. Read reviews before using a script or an app. If it is custom coded, make sure to practice and consider security precautions. 

4. Update all installed applications on your website, including plugins, themes and other modifications.

5. Remove files, applications and scripts that you no longer need.

6. If you found any files that were uploaded without your consent, delete them immediately and change your passwords.

7. Use the ClamAV anti-virus scanner on your account at least once a week.

8. Backup your files, emails and databases regularly.

9. Protecting your website is not enough, make sure to install an anti-virus and anti-malware on your computer too. Scan your computer for viruses and malware on a regular basis, weekly is good.

10. Logon to your account using a secured network only. Public WIFIs are not recommended.

 

PASSWORD TIPS

1. Make your passwords long, at least 8-12 characters is recommended.

2. Do not use dictionary words.

3. Use a variety of symbols, punctuations and case changes (lowercase and uppercase).

4. Do not save your password in plain text files in your desktop.

5. If you received a random generated password via email, change it to something you can remember immediately.

 

SCRIPT MAINTENANCE TIPS

1. Visit your script vendor's website for additional security tips.

2. Subscribe in their mailing list to receive notifications when new updates or patches are released. If you don't want to upgrade to a major release, make sure to at least install the security patches.

3. Check your plugins before installing them. If possible, review the codes. Otherwise, read comments from other users if the plugin is safe to use.

 

EXPLOITED ACCOUNTS

1. If you think your account was compromised, logon to cPanel and do an anti-virus scan. Change your passwords in cPanel, FTP and webmail.

2. If you can't login to your account, report your issue by emailing info@hanephosting.com as soon as possible.

 

FOR WORDPRESS

Please refer to the following documentations:

https://codex.wordpress.org/Hardening_WordPress

https://codex.wordpress.org/FAQ_My_site_was_hacked



Related articles
  Terms of Service (Customer Agreement)
  How to pay online for your digital goods?
  CPU, Disk I/O and Memory (Resource Usage Policies)
  Unmetered Disk Space & Bandwidth (Resource Usage Policies)
  Emails (Resource Usage Policies)
  How to clear your DNS cache?
  Acceptable Usage Policy
  Terms of Service (Privacy Policies)
  How to fix Google malware warning?
  What is an addon domain and how to use it?
  How to check my email using an email client like Outlook or Thunderbird?
  Backups (Resource Usage Policies)
  Terms of Service (Warranties and Liabilities)
  How to fix 500 Internal Server Error?
  How to upload files using FTP?

 
« Go back


Do not reproduce or distribute articles without proper permission or attribution (link to Hanep Hosting).

 
Powered by Help Desk Software HESK, brought to you by SysAid