Deliver Your Web Site From Evil (Part 2)
6. Do not leave unencrypted, confidential information on your server.
It is only a computer in a room, God knows where, with God knows who having access to it.
7. Use a popular web host.
A cheap one may be an uncommitted reseller. Their Google PageRank gives an indication of how popular they are. Send them an email or two and see how long it takes to get answers. Check out their forums; how busy are they? They do not have a forum? Next!
8. If you set up an .htaccess file or another type of password protection, use a password that is long and varied.
“Ch33s3And0n10n” is far more secure than “cheeseandonion”, and just as memorable. Make passwords at least 8 characters long, with both letters and numbers, and both uppercase and lowercase letters. Common words can be guessed by a brute-force cracking program.
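One way to check a candidate password against the rules in item 8, as an added example that is not part of the original article. The function names are hypothetical and the word list is a small constructed sample; a real check would load a full dictionary.

```python
import math
import string

# Constructed sample list (assumption); replace with a real dictionary file.
COMMON_WORDS = {"password", "letmein", "cheese", "onion", "admin", "welcome"}


def check_password(pw, min_len=8):
    """Return the item 8 rules that pw breaks; an empty list means it passes."""
    problems = []
    if len(pw) < min_len:
        problems.append("shorter than %d characters" % min_len)
    if not any(c.isalpha() for c in pw):
        problems.append("no letters")
    if not any(c.isdigit() for c in pw):
        problems.append("no numbers")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        problems.append("not mixed case")
    lowered = pw.lower()
    hits = sorted(w for w in COMMON_WORDS if w in lowered)
    if hits:
        problems.append("contains common word(s): " + ", ".join(hits))
    return problems


def brute_force_bits(pw):
    """Bits of exhaustive search space for the ASCII character classes pw uses."""
    classes = [
        (string.ascii_lowercase, 26),
        (string.ascii_uppercase, 26),
        (string.digits, 10),
        (string.punctuation, len(string.punctuation)),
    ]
    alphabet = sum(size for chars, size in classes
                   if any(c in chars for c in pw))
    return len(pw) * math.log2(alphabet) if alphabet else 0.0


if __name__ == "__main__":
    # The two passwords quoted in item 8.
    for candidate in ("cheeseandonion", "Ch33s3And0n10n"):
        issues = check_password(candidate)
        print("%-16s %5.1f bits  %s" % (
            candidate, brute_force_bits(candidate),
            "OK" if not issues else "; ".join(issues)))
```

The bit count covers exhaustive search over the character classes only; the word-list check is what catches passwords built from common words.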
9. Strip scripts down to the bare essentials. Upgrade regularly.
Programs like PHPNuke have many features in the default install. They allow webmasters and users more control over website content. This creates a vulnerability. A ‘Nuke site of mine was hacked during Christmas 2005 by an Arab group. Fortunately, I had a backup. I did not have fast internet access at the time to upgrade it. I only needed one module to work, so I let go of the less important ones and changed the file permissions in the admin. At the time of writing, I’m waiting to see what happens next!
If you do not really need it, turn it off.
10. Be careful what you say about other people or products on your site.
Not really security, but … people are very sensitive about criticism. ‘Flame wars’ are a waste of time and energy, so avoid them.